Displaying 20 results from an estimated 71 matches for "3814".
Did you mean:
314
2019 Feb 05
0
CVE-2019-3814: Suitable client certificate can be used to login as other user
....3.4
Vulnerable component: authentication
Report confidence: Confirmed
Solution status: Fixed by Vendor
Fixed versions: 2.2.36.1, 2.3.4.1
Vendor notification: 2019-01-16
Solution date: 2019-01-20
Public disclosure: 2019-02-05
Researcher Credits: https://hackerone.com/halfdog
CVE reference: CVE-2019-3814
CVSS: 8.2 (AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N)
Vulnerability Details:
Normally Dovecot is configured to authenticate
imap/pop3/managesieve/submission clients using regular username/password
combination. Some installations have also required clients to present a
trusted SSL certificate on top of t...
2008 Aug 29
1
Debian version and xend
Hello,
I just upgraded my 64-bits dom0 from Etch to Lenny, I am still running
the 2.6.18 Xen kernel by apt-pinning it (see later).
But now xend does not start anymore:
------------
xen:~# /etc/init.d/xend start
Starting XEN control daemon: xendTraceback (most recent call last):
File "/usr/lib/xen-3.0.3-1/bin/xend", line 40, in <module>
from xen.xend.server import SrvDaemon
2019 Feb 05
8
Dovecot v2.2.36.1 released
https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz
https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz.sig
??? * CVE-2019-3814: If imap/pop3/managesieve/submission client has
??? ? trusted certificate with missing username field
??? ? (ssl_cert_username_field), under some configurations Dovecot
??? ? mistakenly trusts the username provided via authentication instead
??? ? of failing.
??? * ssl_cert_username_field setting w...
2019 Feb 05
8
Dovecot v2.2.36.1 released
https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz
https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz.sig
??? * CVE-2019-3814: If imap/pop3/managesieve/submission client has
??? ? trusted certificate with missing username field
??? ? (ssl_cert_username_field), under some configurations Dovecot
??? ? mistakenly trusts the username provided via authentication instead
??? ? of failing.
??? * ssl_cert_username_field setting w...
2019 Feb 05
2
Dovecot v2.2.36.1 released
...cot.org/releases/2.2/dovecot-2.2.36.1.tar.gz.sig" rel="noopener" target="_blank">https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz.sig</a>
</div>
</blockquote>
<blockquote type="cite">
<div>
* CVE-2019-3814: If imap/pop3/managesieve/submission client has
</div>
<div>
trusted certificate with missing username field
</div>
<div>
(ssl_cert_username_field), under some configurations Dovecot
</div>
<div>
mistakenly...
2004 May 10
1
Failed to initialize group mapping
...so i cant "play" with it unless i warn first. hope i can get this problem solved.
---
and this one which aint too bad:
for no reason i get sometimes those lines:
May 10 09:37:06 smb smbd[823]: [2004/05/10 09:37:06, 0] smbd/service.c:make_connection(857)
May 10 09:37:06 smb smbd[823]: 3814 (192.168.2.44) couldn't find service
May 10 09:37:06 smb smbd[823]: [2004/05/10 09:37:06, 0] printing/pcap.c:pcap_printername_ok(253)
May 10 09:37:06 smb smbd[823]: Attempt to locate null printername! Internal error?
May 10 09:37:06 smb smbd[823]: [2004/05/10 09:37:06, 0] smbd/service.c:make_...
2019 Feb 05
2
Dovecot v2.2.36.1 released
...the 2.2.x version and now only build 2.3.x.
> Should I be maintaining both?
>
> Eric
>
> On 2/5/2019 6:01 AM, Aki Tuomi wrote:
>
> https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz
> https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz.sig
>
> * CVE-2019-3814: If imap/pop3/managesieve/submission client has
> trusted certificate with missing username field
> (ssl_cert_username_field), under some configurations Dovecot
> mistakenly trusts the username provided via authentication instead
> of failing.
> * ssl_cert...
2011 May 24
1
Loading an S object into R
...3688 3689 3690 3691 3693 3694 3695 3696 3697 3698 3709 3710 3711 3713 3719 3722 3726 3728 3729 3730 3732 3733 3734 3735 3736 3737 3740 3741 3742 3743 3744 3746 3756 3758 3759 3760 3761 3762 3766 3767 3768 3769 3770 3771 3772 3777 3783 3784 3787 3788 3789 3790 3791 3792 3795 3798 3801 3802 3803 3805 3814 3817 3818 3819 3821 3822 3824 3826 3836 3837 3838 3840 3841 3842 3848 3850 3854 3855 3856 3857 3858 3864 3868 3870 3871 3878 3884 3888 3898 3900 3901 3902 3903 3904 3905 3912 3914 3915 3916 3917 3918 3921 3924 3927 3928 3930 3931 3932 3935 3946 3947 3948 3949 3951 3952 3954 3957 3958 3961 3963 3964...
2019 Feb 05
3
Release notify (2.2.36.1 and 2.3.4.1)
...ion, so here it is repeated for both releases:
2.3.4.1
https://dovecot.org/releases/2.3/dovecot-2.3.4.1.tar.gz
https://dovecot.org/releases/2.3/dovecot-2.3.4.1.tar.gz.sig
<https://dovecot.org/releases/2.3/dovecot-2.3.2.tar.gz.sig>
Binary packages in https://repo.dovecot.org/
* CVE-2019-3814: If imap/pop3/managesieve/submission client has
trusted certificate with missing username field
(ssl_cert_username_field), under some configurations Dovecot
mistakenly trusts the username provided via authentication instead
of failing.
* ssl_cert_username_field setting w...
2019 Feb 05
3
Release notify (2.2.36.1 and 2.3.4.1)
...ion, so here it is repeated for both releases:
2.3.4.1
https://dovecot.org/releases/2.3/dovecot-2.3.4.1.tar.gz
https://dovecot.org/releases/2.3/dovecot-2.3.4.1.tar.gz.sig
<https://dovecot.org/releases/2.3/dovecot-2.3.2.tar.gz.sig>
Binary packages in https://repo.dovecot.org/
* CVE-2019-3814: If imap/pop3/managesieve/submission client has
trusted certificate with missing username field
(ssl_cert_username_field), under some configurations Dovecot
mistakenly trusts the username provided via authentication instead
of failing.
* ssl_cert_username_field setting w...
2019 Feb 05
0
Dovecot v2.2.36.1 released
https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz
https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz.sig
??? * CVE-2019-3814: If imap/pop3/managesieve/submission client has
??? ? trusted certificate with missing username field
??? ? (ssl_cert_username_field), under some configurations Dovecot
??? ? mistakenly trusts the username provided via authentication instead
??? ? of failing.
??? * ssl_cert_username_field setting w...
2019 Feb 05
0
Dovecot v2.3.4.1 released
https://dovecot.org/releases/2.3/dovecot-2.3.4.1.tar.gz
https://dovecot.org/releases/2.3/dovecot-2.3.4.1.tar.gz.sig
<https://dovecot.org/releases/2.3/dovecot-2.3.2.tar.gz.sig>
Binary packages in https://repo.dovecot.org/
??? * CVE-2019-3814: If imap/pop3/managesieve/submission client has
??? ? trusted certificate with missing username field
??? ? (ssl_cert_username_field), under some configurations Dovecot
??? ? mistakenly trusts the username provided via authentication instead
??? ? of failing.
??? * ssl_cert_username_field setting w...
2019 Feb 05
0
Dovecot v2.2.36.1 released (Pigeonhole 0.4.24.1)
...FILTER command.
- imap_filter_sieve plugin: Fix FILTER to work with pipelining
Regards,
Stephan.
Op 5-2-2019 om 14:01 schreef Aki Tuomi:
> https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz
> https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz.sig
>
> ??? * CVE-2019-3814: If imap/pop3/managesieve/submission client has
> ??? ? trusted certificate with missing username field
> ??? ? (ssl_cert_username_field), under some configurations Dovecot
> ??? ? mistakenly trusts the username provided via authentication instead
> ??? ? of failing.
> ??? * ssl...
2019 Feb 05
0
Dovecot 2.3.4.1 released
https://dovecot.org/releases/2.3/dovecot-2.3.4.1.tar.gz
https://dovecot.org/releases/2.3/dovecot-2.3.4.1.tar.gz.sig
<https://dovecot.org/releases/2.3/dovecot-2.3.2.tar.gz.sig>
Binary packages in https://repo.dovecot.org/
??? * CVE-2019-3814: If imap/pop3/managesieve/submission client has
??? ? trusted certificate with missing username field
??? ? (ssl_cert_username_field), under some configurations Dovecot
??? ? mistakenly trusts the username provided via authentication instead
??? ? of failing.
??? * ssl_cert_username_field setting w...
2019 Feb 05
0
Dovecot v2.2.36.1 released
...ped building RPM's of the 2.2.x version and now only build 2.3.x.
Should I be maintaining both?
Eric
On 2/5/2019 6:01 AM, Aki Tuomi wrote:
> https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz
> https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz.sig
>
> ??? * CVE-2019-3814: If imap/pop3/managesieve/submission client has
> ??? ? trusted certificate with missing username field
> ??? ? (ssl_cert_username_field), under some configurations Dovecot
> ??? ? mistakenly trusts the username provided via authentication instead
> ??? ? of failing.
> ??? * ssl...
2019 Feb 05
0
Dovecot v2.2.36.1 released
...ld 2.3.x.
>> Should I be maintaining both?
>>
>> Eric
>>
>> On 2/5/2019 6:01 AM, Aki Tuomi wrote:
>>> https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz
>>> https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz.sig
>>> ??? * CVE-2019-3814: If imap/pop3/managesieve/submission client has
>>> ??? ? trusted certificate with missing username field
>>> ??? ? (ssl_cert_username_field), under some configurations Dovecot
>>> ??? ? mistakenly trusts the username provided via authentication
>>> instead
>...
2019 Feb 05
0
Dovecot v2.2.36.1 released (Pigeonhole 0.4.24.1)
...FILTER command.
- imap_filter_sieve plugin: Fix FILTER to work with pipelining
Regards,
Stephan.
Op 5-2-2019 om 14:01 schreef Aki Tuomi:
> https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz
> https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz.sig
>
> ??? * CVE-2019-3814: If imap/pop3/managesieve/submission client has
> ??? ? trusted certificate with missing username field
> ??? ? (ssl_cert_username_field), under some configurations Dovecot
> ??? ? mistakenly trusts the username provided via authentication instead
> ??? ? of failing.
> ??? * ssl...
2007 Apr 13
0
ZenTest 3.5 & RSpec 0.9
The latest release of Autotest, bundled in ZenTest 3.5, now has support for
running specs! No longer do we need to use the rspec_autotest plugin, now
it-just-works. The only problem is that the script is assuming you have the
rspec gem installed. If you''re keeping up with Edge RSpec on your Rails
project you''ve probably just included rspec and rspec_on_rails into your
2019 Feb 05
1
Dovecot v2.2.36.1 released (Pigeonhole 0.4.24.1)
...FILTER to work with pipelining
>
>
> Regards,
>
> Stephan.
>
> Op 5-2-2019 om 14:01 schreef Aki Tuomi:
>> https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz
>> https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz.sig
>>
>> ??? * CVE-2019-3814: If imap/pop3/managesieve/submission client has
>> ??? ? trusted certificate with missing username field
>> ??? ? (ssl_cert_username_field), under some configurations Dovecot
>> ??? ? mistakenly trusts the username provided via authentication
>> instead
>> ??? ? o...
2006 Oct 18
1
Profile permissions issue? Samba and FDS problem
...ll: /bin/bash
objectClass: inetOrgPerson
objectClass: sambaSAMAccount
objectClass: posixAccount
objectClass: organizationalPerson
objectClass: top
objectClass: person
cn: Test User
sn: User
gecos: Test User
description: Test User
displayName: Test User
mail: test.user@ipov.net
sambaSID: S- sid_here-3814
sambaHomeDrive: H:
sambaHomePath: \\ server_name\homes
sambaProfilePath: \\server_name\profiles\test.user
sambaLogonScript: STARTUP.BAT
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdMustChange: 2147483647
sambaPwdCanChange: 1142535948
sambaPasswordHistory:
00000...