CVE-2011-4318

Dovecot 2.0.x <2.0.16 - Man-in-the-Middle

Title source: llm
STIX 2.1

Description

Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.

References (9)

Core 9
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/46886
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-0520.html
Issue Tracking x_refsource_misc
https://bugs.gentoo.org/show_bug.cgi?id=390887
Issue Tracking x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=754980
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/52311
Various Sources x_refsource_confirm
http://hg.dovecot.org/dovecot-2.0/rev/5e9eaf63a6b1
Various Sources mailing-list x_refsource_mlist
http://www.dovecot.org/list/dovecot-news/2011-November/000200.html
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2011/11/18/7
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2011/11/18/5

Scores

EPSS 0.0132
EPSS Percentile 67.5%

Details

CWE
CWE-20
Status published
Products (16)
dovecot/dovecot 2.0.0
dovecot/dovecot 2.0.1
dovecot/dovecot 2.0.2
dovecot/dovecot 2.0.3
dovecot/dovecot 2.0.4
dovecot/dovecot 2.0.5
dovecot/dovecot 2.0.6
dovecot/dovecot 2.0.7
dovecot/dovecot 2.0.8
dovecot/dovecot 2.0.9
... and 6 more
Published Mar 07, 2013
Tracked Since Feb 18, 2026