CVE-2011-4318
EPSS 0.32%Published: 3/7/2013Modified: 4/28/2026
Also known as:DEBIAN-CVE-2011-4318
Description
Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.
Affected packages (1)
- Debian/dovecotfrom 0, < 1:2.0.18-1