
Signature Detail


Short Name

SMTP:COMMAND:STARTTLS-CMD

Severity

High

Recommended

No

Category

SMTP

Keywords

Multiple Products STARTTLS Plaintext Command Injection

Release Date

2011/06/22

Update Number

1943

Supported Platforms

idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SMTP: Multiple Products STARTTLS Plaintext Command Injection


This signature detects attempts to exploit a known vulnerability in several mail transfer agents (MTAs). A successful attack can lead to arbitrary command injection.

Extended Description

Multiple vendors' implementations of STARTTLS are prone to a vulnerability that lets attackers inject arbitrary commands. An attacker can exploit this issue to execute arbitrary commands in the context of the user running the application. Successful exploits can allow attackers to obtain email usernames and passwords. The following vendors are affected: Ipswitch, Kerio, Postfix, Qmail-TLS, Oracle (note that the affected application is unknown), SCO Group, spamdyke, ISC.

Affected Products

  • Apple Mac OS X 10.6.5
  • Apple Mac OS X 10.6.6
  • Apple Mac OS X 10.6.7
  • Apple Mac OS X 10.6.8
  • Apple Mac OS X 10.6
  • Apple Mac OS X 10.6.1
  • Apple Mac OS X 10.6.2
  • Apple Mac OS X 10.6.3
  • Apple Mac OS X 10.6.4
  • Apple Mac OS X Server 10.6.7
  • Apple Mac OS X Server 10.6.8
  • Apple Mac OS X Server 10.6
  • Apple Mac OS X Server 10.6.1
  • Apple Mac OS X Server 10.6.2
  • Apple Mac OS X Server 10.6.3
  • Apple Mac OS X Server 10.6.4
  • Apple Mac OS X Server 10.6.5
  • Apple Mac OS X Server 10.6.6
  • Avaya Aura Communication Manager 6.0
  • Avaya Aura Communication Manager 6.0.1
  • Avaya Message Networking 3.1
  • Avaya Message Networking 5.2
  • Avaya Message Networking 5.2.1
  • Avaya Message Networking 5.2.2
  • Avaya Message Networking 5.2 SP1
  • Avaya Messaging Storage Server 4.0
  • Avaya Messaging Storage Server 5.0
  • Avaya Messaging Storage Server 5.1
  • Avaya Messaging Storage Server 5.1 SP1
  • Avaya Messaging Storage Server 5.1 SP2
  • Avaya Messaging Storage Server 5.2
  • Avaya Messaging Storage Server 5.2.2
  • Avaya Messaging Storage Server 5.2.8
  • Avaya Messaging Storage Server 5.2 SP1
  • Avaya Messaging Storage Server 5.2 SP2
  • Avaya Messaging Storage Server 5.2 SP3
  • Cyrus Cyrus IMAP Server 2.4
  • Cyrus Cyrus IMAP Server 2.4.6
  • Debian Linux 4.0
  • Debian Linux 4.0 Alpha
  • Debian Linux 4.0 Amd64
  • Debian Linux 4.0 Arm
  • Debian Linux 4.0 Armel
  • Debian Linux 4.0 Hppa
  • Debian Linux 4.0 Ia-32
  • Debian Linux 4.0 Ia-64
  • Debian Linux 4.0 M68k
  • Debian Linux 4.0 Mips
  • Debian Linux 4.0 Mipsel
  • Debian Linux 4.0 Powerpc
  • Debian Linux 4.0 S/390
  • Debian Linux 4.0 Sparc
  • Debian Linux 5.0
  • Debian Linux 5.0 Alpha
  • Debian Linux 5.0 Amd64
  • Debian Linux 5.0 Arm
  • Debian Linux 5.0 Armel
  • Debian Linux 5.0 Hppa
  • Debian Linux 5.0 Ia-32
  • Debian Linux 5.0 Ia-64
  • Debian Linux 5.0 M68k
  • Debian Linux 5.0 Mips
  • Debian Linux 5.0 Mipsel
  • Debian Linux 5.0 Powerpc
  • Debian Linux 5.0 S/390
  • Debian Linux 5.0 Sparc
  • Debian Linux 6.0
  • Gentoo Linux
  • IETF STARTTLS
  • Ipswitch IMail 2006.2
  • Ipswitch IMail 5.0.0
  • Ipswitch IMail 5.0.5
  • Ipswitch IMail 5.0.6
  • Ipswitch IMail 5.0.7
  • Ipswitch IMail 5.0.8
  • Ipswitch IMail 6.0.0
  • Ipswitch IMail 6.0.1
  • Ipswitch IMail 6.0.2
  • Ipswitch IMail 6.0.3
  • Ipswitch IMail 6.0.4
  • Ipswitch IMail 6.0.5
  • Ipswitch IMail 6.0.6
  • Ipswitch IMail 6.1.0
  • Ipswitch IMail 6.2.0
  • Ipswitch IMail 6.3.0
  • Ipswitch IMail 6.4.0
  • Ipswitch IMail 7.0.1
  • Ipswitch IMail 7.0.2
  • Ipswitch IMail 7.0.3
  • Ipswitch IMail 7.0.4
  • Ipswitch IMail 7.0.5
  • Ipswitch IMail 7.0.6
  • Ipswitch IMail 7.0.7
  • Ipswitch IMail 7.1.0
  • Ipswitch IMail 7.12.0
  • Ipswitch IMail 8.01
  • Ipswitch IMail 8.0.3
  • Ipswitch IMail 8.0.5
  • Ipswitch IMail 8.1.0
  • Ipswitch IMail 8.11
  • Ipswitch IMail 8.13.0
  • Ipswitch IMail 8.14.0
  • Ipswitch IMail 8.15.0 Hotfix 1
  • Ipswitch IMail 8.2.0
  • Ipswitch IMail 8.20.0
  • Ipswitch IMail 8.2.0 Hotfix 2
  • Ipswitch IMail 8.22.0
  • Ipswitch IMail
  • ISC INN 2.3.0
  • ISC INN 2.3.1
  • ISC INN 2.3.2
  • ISC INN 2.3.3
  • ISC INN 2.4.0 .0
  • ISC INN 2.4.1
  • ISC INN 2.5.2
  • Kerio Kerio Connect 7.1.4 build 2985
  • Kerio Mailserver 5.0.0
  • Kerio Mailserver 5.1.0
  • Kerio Mailserver 5.1.1
  • Kerio Mailserver 5.6.3
  • Kerio Mailserver 5.6.4
  • Kerio Mailserver 5.6.5
  • Kerio Mailserver 5.7.0 .0
  • Kerio Mailserver 5.7.1
  • Kerio Mailserver 5.7.10
  • Kerio Mailserver 5.7.2
  • Kerio Mailserver 5.7.3
  • Kerio Mailserver 5.7.4
  • Kerio Mailserver 5.7.5
  • Kerio Mailserver 5.7.6
  • Kerio Mailserver 5.7.7
  • Kerio Mailserver 5.7.8
  • Kerio Mailserver 5.7.9
  • Kerio Mailserver 6.0.0
  • Kerio Mailserver 6.0.1
  • Kerio Mailserver 6.0.10
  • Kerio Mailserver 6.0.2
  • Kerio Mailserver 6.0.3
  • Kerio Mailserver 6.0.4
  • Kerio Mailserver 6.0.5
  • Kerio Mailserver 6.0.9
  • Kerio Mailserver 6.1.3
  • Kerio Mailserver 6.1.3 Patch 1
  • Kerio Mailserver 6.2.2
  • Kerio Mailserver 6.3.1
  • Kerio Mailserver 6.4.1
  • Kerio Mailserver 6.4.2
  • Kerio Mailserver 6.5.0
  • Kerio Mailserver 6.6.0
  • Kerio Mailserver 6.6.1
  • Kerio Mailserver 6.6.1 Build 7069
  • Kerio Mailserver 6.6.2
  • Kerio Mailserver 6.6.2 Patch 3
  • Kerio Mailserver 6.7.0
  • Kerio Mailserver 6.7.0 Patch 1
  • Kerio Mailserver 6.7.3
  • Kerio Mailserver 7.0.0
  • Kolab Groupware Server 2.1.Beta3
  • Kolab Kolab Groupware Server 2.0.1
  • Kolab Kolab Groupware Server 2.0.2
  • Kolab Kolab Groupware Server 2.0.3
  • Kolab Kolab Groupware Server 2.0.4
  • Kolab Kolab Groupware Server 2.1.0
  • Kolab Kolab Groupware Server 2.1Beta2
  • Kolab Kolab Groupware Server 2.2.0
  • Kolab Kolab Groupware Server 2.2.2
  • Kolab Kolab Groupware Server 2.2.3
  • Kolab Kolab Groupware Server 2.2.4
  • Kolab Kolab Groupware Server 2.2 Beta1
  • Kolab Kolab Groupware Server 2.2 Beta3
  • Kolab Kolab Groupware Server 2.2-Rc1
  • Kolab Kolab Groupware Server 2.2 -Rc2
  • Kolab Kolab Groupware Server 2.2-Rc3
  • Kolab Kolab Groupware Server 2.3.1
  • Mandriva Corporate Server 4.0
  • Mandriva Corporate Server 4.0.0 X86 64
  • Mandriva Enterprise Server 5
  • Mandriva Enterprise Server 5 X86 64
  • Mandriva Linux Mandrake 2009.0
  • Mandriva Linux Mandrake 2009.0 X86 64
  • Mandriva Linux Mandrake 2010.1
  • Mandriva Linux Mandrake 2010.1 X86 64
  • Pardus Linux 2009
  • Pardus Linux 2011
  • Pure-FTPd 1.0.29
  • qmail-smtpd-auth netqmail
  • Red Hat Enterprise Linux 5 Server
  • Red Hat Enterprise Linux Desktop Version 4
  • Red Hat Enterprise Linux AS 4
  • Red Hat Enterprise Linux Desktop 5 Client
  • Red Hat Enterprise Linux Desktop 6
  • Red Hat Enterprise Linux Desktop Optional 6
  • Red Hat Enterprise Linux Desktop Workstation 5 Client
  • Red Hat Enterprise Linux ES 4
  • Red Hat Enterprise Linux HPC Node 6
  • Red Hat Enterprise Linux HPC Node Optional 6
  • Red Hat Enterprise Linux Server 6
  • Red Hat Enterprise Linux Server Optional 6
  • Red Hat Enterprise Linux Workstation 6
  • Red Hat Enterprise Linux Workstation Optional 6
  • Red Hat Enterprise Linux WS 4
  • Red Hat Fedora 13
  • Red Hat Fedora 14
  • SCO SCOoffice Server
  • spamdyke 4.2
  • Sun Java System Messaging Server 6.3
  • Sun Java System Messaging Server 7.0
  • SuSE openSUSE 11.2
  • SuSE openSUSE 11.3
  • SuSE openSUSE 11.4
  • SuSE SUSE Linux Enterprise 10 SP2
  • SuSE SUSE Linux Enterprise 10 SP3
  • SuSE SUSE Linux Enterprise 10 SP4
  • SuSE SUSE Linux Enterprise 11 SP1
  • SuSE SUSE Linux Enterprise Server 9
  • Ubuntu Ubuntu Linux 10.04 Amd64
  • Ubuntu Ubuntu Linux 10.04 ARM
  • Ubuntu Ubuntu Linux 10.04 I386
  • Ubuntu Ubuntu Linux 10.04 LTS
  • Ubuntu Ubuntu Linux 10.04 Powerpc
  • Ubuntu Ubuntu Linux 10.04 Sparc
  • Ubuntu Ubuntu Linux 10.10 amd64
  • Ubuntu Ubuntu Linux 10.10 ARM
  • Ubuntu Ubuntu Linux 10.10 i386
  • Ubuntu Ubuntu Linux 10.10 powerpc
  • Ubuntu Ubuntu Linux 6.06 LTS Amd64
  • Ubuntu Ubuntu Linux 6.06 LTS I386
  • Ubuntu Ubuntu Linux 6.06 LTS Powerpc
  • Ubuntu Ubuntu Linux 6.06 LTS Sparc
  • Ubuntu Ubuntu Linux 8.04 LTS Amd64
  • Ubuntu Ubuntu Linux 8.04 LTS I386
  • Ubuntu Ubuntu Linux 8.04 LTS Lpia
  • Ubuntu Ubuntu Linux 8.04 LTS Powerpc
  • Ubuntu Ubuntu Linux 8.04 LTS Sparc
  • Ubuntu Ubuntu Linux 9.10
  • Ubuntu Ubuntu Linux 9.10 Amd64
  • Ubuntu Ubuntu Linux 9.10 ARM
  • Ubuntu Ubuntu Linux 9.10 I386
  • Ubuntu Ubuntu Linux 9.10 Lpia
  • Ubuntu Ubuntu Linux 9.10 Powerpc
  • Ubuntu Ubuntu Linux 9.10 Sparc
  • WatchGuard XCS 9.0
  • WatchGuard XCS 9.1
  • Wietse Venema Postfix 1.0.21
  • Wietse Venema Postfix 1.1.11
  • Wietse Venema Postfix 1.1.12
  • Wietse Venema Postfix 1.1.13
  • Wietse Venema Postfix 19990906
  • Wietse Venema Postfix 19991231
  • Wietse Venema Postfix 2.0.0
  • Wietse Venema Postfix 20010228
  • Wietse Venema Postfix 20011115
  • Wietse Venema Postfix 2.1.0
  • Wietse Venema Postfix 2.1.3
  • Wietse Venema Postfix 2.1.5
  • Wietse Venema Postfix 2.2.10
  • Wietse Venema Postfix 2.2.3
  • Wietse Venema Postfix 2.2.4
  • Wietse Venema Postfix 2.4.8
  • Wietse Venema Postfix 2.4.9
  • Wietse Venema Postfix 2.5.4
  • Wietse Venema Postfix 2.5.4 Patchlevel 4
  • Wietse Venema Postfix 2.5.5
  • Wietse Venema Postfix 2.6
  • Wietse Venema Postfix 2.6-20080902
  • Wietse Venema Postfix 2.8

References

  • BugTraq: 46767
  • CVE: CVE-2014-3556
  • CVE: CVE-2011-1926
  • CVE: CVE-2011-0411

Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.