1631 matches found
[SECURITY] [DLA 3829-1] sendmail security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3829-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès June 15, 2024 https://wiki.debian.org/LTS -...
DLA-3829-1 sendmail - security update
Bulletin has no description...
Debian dla-3829 : libmilter-dev - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3829 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3829-2 [email protected] https://www.debian.org/lts/security/...
CVE-2024-27167
Toshiba printers use Sendmail to send emails to recipients. Sendmail is used with several insecure directories. A local attacker can inject a malicious Sendmail configuration file. As for the affected products/models/versions, see the reference URL...
CVE-2024-27167 Insecure permissions
Toshiba printers use Sendmail to send emails to recipients. Sendmail is used with several insecure directories. A local attacker can inject a malicious Sendmail configuration file. As for the affected products/models/versions, see the reference URL...
CVE-2024-27167 Insecure permissions
Toshiba printers use Sendmail to send emails to recipients. Sendmail is used with several insecure directories. A local attacker can inject a malicious Sendmail configuration file. As for the affected products/models/versions, see the reference URL...
CVE-2024-27167
CVE-2024-27167 affects Toshiba printers that use Sendmail to send emails. The issue arises because Sendmail is used with several insecure directories, allowing a local attacker to inject a malicious Sendmail configuration file. Affected products/models/versions are referenced in the linked source...
PT-2024-21700 · Toshiba · Toshiba Printers
Name of the Vulnerable Software and Affected Versions: Toshiba printers affected versions not specified Description: The issue concerns Toshiba printers that utilize Sendmail to send emails. Sendmail is used in conjunction with several insecure directories, allowing a local attacker to inject a...
Zend-Mail remote code execution in zend-mail via Sendmail adapter
When using the zend-mail component to send email via the Zend\Mail\Transport\Sendmail transport, a malicious user may be able to inject arbitrary parameters to the system sendmail program. The attack is performed by providing additional quote characters within an address; when unsanitized, they c...
GHSA-CXF7-M5G2-V594 Zend-Mail remote code execution in zend-mail via Sendmail adapter
When using the zend-mail component to send email via the Zend\Mail\Transport\Sendmail transport, a malicious user may be able to inject arbitrary parameters to the system sendmail program. The attack is performed by providing additional quote characters within an address; when unsanitized, they c...
ZendFramework potential remote code execution in zend-mail via Sendmail adapter
When using the zend-mail component to send email via the Zend\Mail\Transport\Sendmail transport, a malicious user may be able to inject arbitrary parameters to the system sendmail program. The attack is performed by providing additional quote characters within an address; when unsanitized, they c...
GHSA-GFF2-P6VM-3P8G ZendFramework potential remote code execution in zend-mail via Sendmail adapter
When using the zend-mail component to send email via the Zend\Mail\Transport\Sendmail transport, a malicious user may be able to inject arbitrary parameters to the system sendmail program. The attack is performed by providing additional quote characters within an address; when unsanitized, they c...
Arbitrary Command Execution
typo3/cms is vulnerable to Arbitrary Command Execution. The vulnerability is due to improper handling of the "From" header when an email comes from a non-trusted source and when no "Return-Path" is configured, which allows an attacker to execute arbitrary shell commands on the server. Note that...
RHEL 8 : sendmail (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - sendmail: SMTP smuggling vulnerability CVE-2023-51765 Note that Nessus has not tested for this issue but has instea...
RHEL 9 : sendmail (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - sendmail: SMTP smuggling vulnerability CVE-2023-51765 Note that Nessus has not tested for this issue but has instea...
GHSA-45XG-4W5X-J429 TYPO3 Arbitrary Shell Execution in Swiftmailer library
The swiftmailer library in use allows to execute arbitrary shell commands if the "From" header comes from a non-trusted source and no "Return-Path" is configured. Affected are only TYPO3 installation the configuration option $GLOBALS'TYPO3CONFVARS''MAIL''transport' is set to "sendmail"...
TYPO3 Arbitrary Shell Execution in Swiftmailer library
The swiftmailer library in use allows to execute arbitrary shell commands if the "From" header comes from a non-trusted source and no "Return-Path" is configured. Affected are only TYPO3 installation the configuration option $GLOBALS'TYPO3CONFVARS''MAIL''transport' is set to "sendmail"...
PT-2024-40065 · Typo3 +1 · Typo3 +1
Name of the Vulnerable Software and Affected Versions: TYPO3 affected versions not specified Description: The issue allows execution of arbitrary shell commands if the "From" header comes from a non-trusted source and no "Return-Path" is configured. This is specifically related to the swiftmailer...
Swiftmailer Sendmail transport arbitrary shell execution
Prior to 5.2.1, the sendmail transport SwiftTransportSendmailTransport was vulnerable to an arbitrary shell execution if the "From" header came from a non-trusted source and no "Return-Path" is configured. This has been fixed in 5.2.1. If you are using sendmail as a transport, you are encouraged ...
GHSA-4QPJ-GXXG-JQG4 Swiftmailer Sendmail transport arbitrary shell execution
Prior to 5.2.1, the sendmail transport SwiftTransportSendmailTransport was vulnerable to an arbitrary shell execution if the "From" header came from a non-trusted source and no "Return-Path" is configured. This has been fixed in 5.2.1. If you are using sendmail as a transport, you are encouraged ...