Hi,
I wanted to share some research we have done on vulnerabilities in
STARTTLS implementations:
https://nostarttls.secvuln.info/
We started analyzing STARTTLS implementations in E-Mail servers and
clients based on the 2011 command injection discovered in Postfix. We
learned that this vulnerabili
On Wed, Aug 11, 2021 at 05:42:40PM +0200, Hanno Böck wrote:
> We started analyzing STARTTLS implementations in E-Mail servers and
> clients based on the 2011 command injection discovered in Postfix.
Specifically discovered by Wietse Venema, while refactoring some Postfix
code. He observed that t
