FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

spamdyke -- STARTTLS Plaintext Injection Vulnerability

Affected packages
spamdyke < 4.2.1

Details

VuXML ID a47af810-3a17-11e1-a1be-00e0815b8da8
Discovery 2012-01-04
Entry 2012-01-08
Modified 2012-01-23

Secunia reports:

The vulnerability is caused due to the TLS implementation not properly clearing transport layer buffers when upgrading from plaintext to ciphertext after receiving the "STARTTLS" command. This can be exploited to insert arbitrary plaintext data (e.g. SMTP commands) during the plaintext phase, which will then be executed after upgrading to the TLS ciphertext phase.

References

CVE Name CVE-2012-0070
URL http://secunia.com/advisories/47435/
URL http://www.spamdyke.org/documentation/Changelog.txt