CVE-2010-1194 — Libesmtp vulnerability

CWE-3107 documents6 sources

Severity

6.8MEDIUMNVD

EPSS

0.3%

top 45.56%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Libesmtp Debian Libesmtp Stafford.uklinux Libesmtp

Timeline

PublishedMar 31

Latest updateMay 2

Description

The match_component function in smtp-tls.c in libESMTP 1.0.3.r1, and possibly other versions including 1.0.4, treats two strings as equal if one is a substring of the other, which allows remote attackers to spoof trusted certificates via a crafted subjectAltName.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages3 packages

▶debiandebian/libesmtp< libesmtp 1.0.4-2 (bookworm)

▶Debianlibesmtp/libesmtp< 1.0.4-2+3

▶NVDstafford.uklinux/libesmtp27 versions+26

Patches

Patch: bugs.debian.org ↗Patch: bugs.debian.org ↗

🔴Vulnerability Details

GHSA

GHSA-wqwx-p8fg-v9px: The match_component function in smtp-tls↗2022-05-02

▶

OSV

CVE-2010-1194: The match_component function in smtp-tls↗2010-03-31

▶

📋Vendor Advisories

Red Hat

libESMTP: Multiple certificate validation flaws↗2010-03-03

▶

Debian

CVE-2010-1194: libesmtp - The match_component function in smtp-tls.c in libESMTP 1.0.3.r1, and possibly ot...↗2010

▶

💬Community

Bugzilla

CVE-2010-1192 CVE-2010-1194 libESMTP: Multiple certificate validation flaws [epel-5]↗2014-06-30

▶

Bugzilla

CVE-2010-1192 CVE-2010-1194 libESMTP: Multiple certificate validation flaws↗2010-03-09

▶