FreeBSD VuXML 93688F8F-4935-11E1-89B4-001EC9578670
History: Jan 27, 2012 - 12:00 a.m.

postfixadmin -- Multiple Vulnerabilities

Published: 2012-01-27 00:00:00
Source: vuxml.freebsd.org

CVSS2: 6.5 Medium
  Attack Vector: NETWORK
  Attack Complexity: LOW
  Authentication: SINGLE
  Confidentiality Impact: PARTIAL
  Integrity Impact: PARTIAL
  Availability Impact: PARTIAL
  Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3: 6.1 Medium
  Attack Vector: NETWORK
  Attack Complexity: LOW
  Privileges Required: NONE
  User Interaction: REQUIRED
  Scope: CHANGED
  Confidentiality Impact: LOW
  Integrity Impact: LOW
  Availability Impact: NONE
  Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS: 0.012 Low (Percentile 85.5%)

The Postfix Admin Team reports:

Multiple XSS vulnerabilities exist:
- XSS with $_GET[domain] in templates/menu.php and edit-vacation
- XSS in some create-domain input fields
- XSS in create-alias and edit-alias error message
- XSS (by values stored in the database) in fetchmail list view, list-domain and list-virtual
Multiple SQL injection issues exist:
- SQL injection in pacrypt() (if $CONF[encrypt] == 'mysql_encrypt')
- SQL injection in backup.php - the dump was not mysql_escape()d, therefore users could inject SQL (for example in the vacation message) which will be executed when restoring the database dump.
WARNING: database dumps created with backup.php from 2.3.4 or older might contain malicious SQL. Double-check before using them!
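As an added illustration of the backup.php issue (example code written for this page, not postfixadmin's own code), the following is a simplified model of a dump/restore cycle in Python with SQLite. It assumes, as the advisory describes, that the backup writes each row as an INSERT with the values interpolated into quoted string literals, and that the restore replays the dump statement by statement. The schema, table names, function names and the vacation message are all constructed for the example. SQLite escapes a literal by doubling single quotes rather than the backslash form mysql_escape() would emit, but the failure mode and the fix are the same.

```python
import sqlite3

# Constructed sample data (not taken from any real postfixadmin database).
# The vacation body is what a mailbox user could type into their own
# auto-reply: it closes the string literal and the INSERT, then appends a
# statement of the attacker's choosing; "--" comments out the trailing "');".
MALICIOUS_BODY = "Out of office'); DROP TABLE admin; --"

# Hypothetical minimal schema standing in for the real postfixadmin tables.
SCHEMA = """
CREATE TABLE admin (username TEXT PRIMARY KEY);
CREATE TABLE vacation (email TEXT, body TEXT);
"""


def make_source_db():
    """Live database that the backup script will dump."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.execute("INSERT INTO admin VALUES (?)", ("root@example.com",))
    # Parameterised INSERT: the malicious body is stored verbatim and inert.
    db.execute("INSERT INTO vacation VALUES (?, ?)",
               ("alice@example.com", MALICIOUS_BODY))
    db.commit()
    return db


def no_escape(value):
    """What the advisory describes: the dump writes values unchanged."""
    return value


def sql_escape(value):
    """Double embedded quotes so a value can never close its own literal
    (SQL-standard form; mysql_escape() achieves the same with backslashes)."""
    return value.replace("'", "''")


def dump_table(db, table, escape):
    """Emit one INSERT per row, interpolating values as quoted literals,
    the way a hand-rolled backup script would. `table` is a trusted constant."""
    lines = []
    for row in db.execute(f"SELECT * FROM {table}"):
        literals = ", ".join("'" + escape(str(v)) + "'" for v in row)
        lines.append(f"INSERT INTO {table} VALUES ({literals});")
    return "\n".join(lines)


def make_dump(db, escape):
    return "\n".join(dump_table(db, t, escape) for t in ("admin", "vacation"))


def restore(dump_sql):
    """Replay the dump into a fresh database. executescript() runs every
    statement in the text, including any the attacker managed to append."""
    target = sqlite3.connect(":memory:")
    target.executescript(SCHEMA)
    target.executescript(dump_sql)
    return target


def table_exists(db, name):
    row = db.execute(
        "SELECT 1 FROM sqlite_master WHERE type = 'table' AND name = ?", (name,)
    ).fetchone()
    return row is not None


def demo():
    """Restore an unescaped dump and an escaped dump of the same source and
    report whether the admin table survived and the body round-tripped."""
    source = make_source_db()
    unsafe = restore(make_dump(source, no_escape))
    safe = restore(make_dump(source, sql_escape))
    safe_body = safe.execute("SELECT body FROM vacation").fetchone()[0]
    return {
        "unsafe_admin_table_survives": table_exists(unsafe, "admin"),
        "safe_admin_table_survives": table_exists(safe, "admin"),
        "safe_body_round_trips": safe_body == MALICIOUS_BODY,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The payload sits harmlessly in the live database, because the application stored it with a parameterised query; it fires only when an administrator replays an unescaped dump, which is why the advisory warns about dumps taken with 2.3.4 or older. A text dump cannot be restored with bound parameters, so the escaping has to be correct at dump time; checking an old dump before use means reading its INSERTs for any value that ends a string literal early.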

OS       Version  Architecture  Package       Version  Filename
FreeBSD  any      noarch        postfixadmin  < 2.3.5  UNKNOWN
