1631 matches found
Solaris 10 (x86) : 151075-02
SunOS 5.10x86: sendmail patch. Date this patch was last updated by Sun : Dec/13/14 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
[SECURITY] Fedora 26 Update: exim-4.89-7.fc26
Exim is a message transfer agent MTA developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal ...
Zeta Components Mail 1.8.1 - Remote Code Execution
Zeta Components Mail 1.8.1 - Remote Code Execution Vendor: Zeta Components module: Mail, returnPath-email”; If attacker assign email address like: '[email protected] -X/var/www/html/cache/exploit.php' and inject payload in mail body, sendmail will transfer log-X into...
Zeta Components Mail 1.8.1 - Remote Code Execution
Vendor: Zeta Components module: Mail, returnPath-email”; If attacker assign email address like: '[email protected] -X/var/www/html/cache/exploit.php' and inject payload in mail body, sendmail will transfer log-X into /var/www/html/cache/exploit.php. The resulting file will contain t...
Mail Improper Input Validation vulnerability
The deliver function in the sendmail delivery agent lib/mail/network/deliverymethods/sendmail.rb in Ruby Mail gem 2.2.14 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an e-mail address...
Mail Gem Improper Input Validation vulnerability
The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a 1 sendmail or 2 exim delivery...
GHSA-RP63-JFMW-532W Mail Gem Improper Input Validation vulnerability
The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a 1 sendmail or 2 exim delivery...
[SECURITY] Fedora 27 Update: mimedefang-2.81-1.fc27
MIMEDefang is an e-mail filter program which works with Sendmail 8.12 and later. It filters all e-mail messages sent via SMTP. MIMEDefang splits multi-part MIME messages into their components and potentially deletes or modifies the various parts. It then reassembles the parts back into an e-mail...
[SECURITY] Fedora 25 Update: mimedefang-2.81-1.fc25
MIMEDefang is an e-mail filter program which works with Sendmail 8.12 and later. It filters all e-mail messages sent via SMTP. MIMEDefang splits multi-part MIME messages into their components and potentially deletes or modifies the various parts. It then reassembles the parts back into an e-mail...
[SECURITY] Fedora 26 Update: mimedefang-2.81-1.fc26
MIMEDefang is an e-mail filter program which works with Sendmail 8.12 and later. It filters all e-mail messages sent via SMTP. MIMEDefang splits multi-part MIME messages into their components and potentially deletes or modifies the various parts. It then reassembles the parts back into an e-mail...
[SECURITY] Fedora 26 Update: exim-4.89-5.fc26
Exim is a message transfer agent MTA developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal ...
Arbitrary Code Execution
bcit-ci/codeigniter is vulnerable to arbitrary code execution. A flaw in system/libraries/Email.php allows attackers to leveraging control over the email - from field to insert sendmail command-line arguments...
Remote Code Execution in extension "AH Sendmail" (ah_sendmail)
It has been discovered that the extension "AH Sendmail" ahsendmail is susceptible to Remote Code Execution. Release Date: July 11, 2017 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: version 2.0.0 and below Vulnerability...
Remote Code Execution in extension "Maag Sendmail" (maag_sendmail)
It has been discovered that the extension "Maag Sendmail" maagsendmail is susceptible to Remote Code Execution. Release Date: July 11, 2017 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: version 2.0.0 and below Vulnerabili...
VulnCheck KEV: CVE-2003-0694
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c...
VulnCheck KEV: CVE-2003-0681
A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets 1 recipient 2, final, or 3 mailer-specific envelope recipients, has unknown consequences...
(0Day) Schneider Electric U.motion Builder sendmail email_attachment Parameter Absolute Path Traversal Information Disclosure Vulnerability
This vulnerability allows remote attackers to extract arbitrary files on vulnerable installations of Schneider Electric U.motion Builder. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of sendmail.php. The applet allows callers to select...
Sendmail Remote Code Execution Vulnerability
Sendmail is a free and open source mail transfer agent of the U.S. Sendmail Inc. A remote code execution vulnerability exists in Sendmail. An attacker could exploit the vulnerability to execute arbitrary code in the context of an affected application, or a failed attempt would result in a denial ...
Detailed analysis of the PHP mail()function exploit techniques-vulnerability warning-the black bar safety net
This white paper aims to eliminate about PHP mail function in exploit the limitations of some of the misunderstandings, and demonstrate the use of the further development. It provides several on the PHP mailfunction of the new exploit and bypass the technology of the vector, in major PHP e-mail...
CVE-2017-7692
SquirrelMail 1.4.22 and other versions before 201704270200-SVN allows post-authentication remote code execution via a sendmail.cf file that is mishandled in a popen call. It's possible to exploit this vulnerability to execute arbitrary shell commands on the remote server. The problem is in the...