postfixadmin -- Multiple Vulnerabilities

ID 93688F8F-4935-11E1-89B4-001EC9578670
Type freebsd
Reporter FreeBSD
Modified 2012-01-27T00:00:00


The Postfix Admin Team reports:

Multiple XSS vulnerabilities exist:
- XSS with $_GET[domain] in templates/menu.php and edit-vacation
- XSS in some create-domain input fields
- XSS in create-alias and edit-alias error message
- XSS (by values stored in the database) in fetchmail list view, list-domain and list-virtual

Multiple SQL injection issues exist:
- SQL injection in pacrypt() (if $CONF[encrypt] == 'mysql_encrypt')
- SQL injection in backup.php - the dump was not mysql_escape()d, therefore users could inject SQL (for example in the vacation message) which will be executed when restoring the database dump.

WARNING: database dumps created with backup.php from 2.3.4 or older might contain malicious SQL. Double-check before using them!
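The backup.php issue above is the general "unescaped dump" failure mode: a dump is SQL text, so any value written into it without escaping is parsed as SQL when the dump is restored. The following is an added example, not Postfix Admin's own code, showing a dump writer that pastes values in raw beside one that escapes every value, and a restore step that replays each dump so the difference is observable. It uses an in-memory SQLite database for portability (an assumption for this demonstration: SQLite escapes a single quote by doubling it, whereas Postfix Admin's MySQL backend needs mysql_real_escape_string, which also handles backslashes); the table name, column names and the vacation rows are constructed sample data.

```python
"""Why a database dump must escape every value it writes.

Added example (not Postfix Admin's code). Uses SQLite in memory; the
escaping rule in sql_literal() is the SQLite one and is an assumption
for this demonstration. A MySQL dump writer must use the driver's
own escaping (mysql_real_escape_string) instead.
"""
import sqlite3

# Constructed sample rows: a vacation auto-reply is text a mail user controls.
VACATION_ROWS = [
    ("alice@example.test", "Out of office until Monday"),
    # Constructed hostile value: a closing quote followed by a second statement.
    ("bob@example.test", "Gone'); DELETE FROM vacation; --"),
]


def sql_literal(value: str) -> str:
    """Render a Python string as a quoted SQL string literal (SQLite rules)."""
    if "\x00" in value:
        raise ValueError("NUL byte cannot be stored in a text literal")
    return "'" + value.replace("'", "''") + "'"


def dump_vulnerable(rows):
    """Mimics the flawed pattern: values are interpolated into the dump unescaped."""
    return "\n".join(
        f"INSERT INTO vacation (email, body) VALUES ('{email}', '{body}');"
        for email, body in rows
    )


def dump_fixed(rows):
    """Hardened writer: every value passes through sql_literal() first."""
    return "\n".join(
        "INSERT INTO vacation (email, body) VALUES "
        f"({sql_literal(email)}, {sql_literal(body)});"
        for email, body in rows
    )


def restore(dump_text):
    """Replay a dump into a fresh database.

    Returns (rows, error): the rows present after the restore, sorted by
    email, or None plus the error text if the dump failed to execute.
    """
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE vacation (email TEXT, body TEXT)")
    try:
        conn.executescript(dump_text)  # runs every statement in the dump
    except sqlite3.Error as exc:
        conn.close()
        return None, str(exc)
    rows = conn.execute(
        "SELECT email, body FROM vacation ORDER BY email"
    ).fetchall()
    conn.close()
    return rows, None


if __name__ == "__main__":
    # With the raw dump, bob's body closes the literal and the DELETE runs,
    # so the restored table is empty. With the escaped dump, both rows
    # come back exactly as stored.
    print("vulnerable dump restores:", restore(dump_vulnerable(VACATION_ROWS)))
    print("fixed dump restores:     ", restore(dump_fixed(VACATION_ROWS)))
```

The restore of the raw dump succeeds without any error, which is the point of the advisory's warning: a poisoned dump does not announce itself, so dumps produced by an unfixed writer should be inspected (for example, checking that each row yields exactly one INSERT statement) before being replayed.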