CVE-2013-4584
https://notcve.org/view.php?id=CVE-2013-4584
Perdition before 2.2 may have weak security when handling outbound connections, caused by an error in the STARTTLS IMAP and POP server. ssl_outgoing_ciphers not being applied to STARTTLS connections Perdition versiones anteriores a la versión2.2, puede tener una seguridad débil cuando se maneja conexiones salientes, causada por un error en el servidor IMAP y POP STARTTLS. La función ssl_outgoing_ciphers no se aplica a las conexiones STARTTLS • http://www.openwall.com/lists/oss-security/2013/11/15/6 http://www.securityfocus.com/bid/63696 https://access.redhat.com/security/cve/cve-2013-4584 https://exchange.xforce.ibmcloud.com/vulnerabilities/89184 https://github.com/horms/perdition/commit/62a0ce94aeb7dd99155882956ce9e327ab914ddf https://security-tracker.debian.org/tracker/CVE-2013-4584 • CWE-755: Improper Handling of Exceptional Conditions •
CVE-2001-1566
https://notcve.org/view.php?id=CVE-2001-1566
Format string vulnerability in libvanessa_logger 0.0.1 in Perdition 0.1.8 allows remote attackers to execute arbitrary code via format string specifiers in the __vanessa_logger_log function. • http://archives.neohapsis.com/archives/vulnwatch/2001-q4/0082.html http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2001-12/0260.html http://www.securityfocus.com/bid/3740 http://www.vergenet.net/linux/perdition/string_format.html •