Candidate: CVE-2014-3556
PublicDate: 2014-12-29 20:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3556
 http://mailman.nginx.org/pipermail/nginx-announce/2014/000144.html
Description:
 The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP
 proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does
 not properly restrict I/O buffering, which allows man-in-the-middle
 attackers to insert commands into encrypted SMTP sessions by sending a
 cleartext command that is processed after TLS is in place, related to a
 "plaintext command injection" attack, a similar issue to CVE-2011-0411.
Ubuntu-Description:
Notes:
 mdeslaur> per Debian, only affects 1.5.6 to 1.7.3
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=757196
Priority: medium
Discovered-by:
Assigned-to:
CVSS:

Patches_nginx:
upstream_nginx: released (1.6.1-1, 1.7.4)
lucid_nginx: ignored (reached end-of-life)
precise_nginx: not-affected (1.1.19-1ubuntu0.6)
trusty_nginx: not-affected (1.4.6-1ubuntu3)
trusty/esm_nginx: not-affected (1.4.6-1ubuntu3)
devel_nginx: not-affected (1.4.6-1ubuntu3)