oval:org.mitre.oval:def:21792

Definition Id: oval:org.mitre.oval:def:21792
 
Oval ID: oval:org.mitre.oval:def:21792
Title: RHSA-2011:0423: postfix security update (Moderate)
Description: The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x before 2.5.12, 2.6.x before 2.6.9, and 2.7.x before 2.7.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack.
Family: unix Class: patch
Reference(s): RHSA-2011:0423-01
CVE-2011-0411
Version: 4
Platform(s): Red Hat Enterprise Linux 6
Product(s): postfix
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20273
 
Oval ID: oval:org.mitre.oval:def:20273
Title: The operating system installed on the system is Red Hat Enterprise Linux 6
Description: The operating system installed on the system is Red Hat Enterprise Linux 6.
Family: unix Class: inventory
Reference(s): cpe:/o:redhat:enterprise_linux:6
Version: 6
Platform(s): Red Hat Enterprise Linux 6
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:21792