Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
camel/providers/imapx/camel-imapx-server.c in the IMAPx component in GNOME evolution-data-server before 3.21.2 proceeds with cleartext data containing a password if the client wishes to use STARTTLS but the server will not use STARTTLS, which makes it easier for remote attackers to obtain sensitive information by sniffing the network. The server code was intended to report an error and not proceed, but the code was written incorrectly.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
GNOME evolution-data-server IMAPx组件安全漏洞
Vulnerability Description
GNOME evolution-data-server是GNOME项目的一套用于Linux下Gnome桌面环境的邮件数据服务器。IMAPx是其中的一个用于处理邮件和文件夹的组件。 GNOME evolution-data-server 3.21.2之前版本中的IMAPx组件的camel/providers/imapx/camel-imapx-server.c文件存在安全漏洞,该漏洞源于当服务器没有使用STARTTLS时,程序依然会发送带有敏感信息的明文数据。远程攻击者可通过嗅探网络利用该漏洞获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A