1631 matches found

Tenable Nessus
added 2013/01/24 12:0 a.m., 39 views

AIX 5.3 TL 9 : sendmail (IZ72835)

sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows...

7.5 CVSS, 7.7 AI score, 0.05741 EPSS
Exploits: 5, References: 2
Tenable Nessus
added 2013/01/24 12:0 a.m., 65 views

AIX 6.1 TL 2 : sendmail (IZ72515)

sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows...

7.5 CVSS, 7.7 AI score, 0.05741 EPSS
Exploits: 5, References: 2
RedHat Linux
added 2012/12/04 7:24 p.m., 6 views

rubygem-mail: arbitrary command execution when using exim or sendmail from commandline

The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery...

7.5 CVSS, 6.2 AI score, 0.04466 EPSS
Exploits: 1, References: 4
Fedora
added 2012/10/31 2:56 a.m., 27 views

[SECURITY] Fedora 16 Update: exim-4.76-4.fc16.2

Exim is a message transfer agent (MTA) developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal ...

6.8 CVSS, 1.5 AI score, 0.08382 EPSS
Exploits: 0
OpenVAS
added 2012/09/11 12:0 a.m., 8 views

Slackware Advisory SSA:2003-260-02 Sendmail vulnerabilities fixed

The remote host is missing an update as announced via advisory SSA:2003-260-02. OpenVAS Vulnerability Test $Id: esoftslkssa200326002.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright (c) 2012...

0.5 AI score
Exploits: 0
OpenVAS
added 2012/09/11 12:0 a.m., 12 views

Slackware Advisory SSA:2006-081-01 sendmail

The remote host is missing an update as announced via advisory SSA:2006-081-01. OpenVAS Vulnerability Test $Id: esoftslkssa200608101.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright (c) 2012...

7.6 CVSS, 0.2 AI score, 0.2624 EPSS
Exploits: 0
OpenVAS
added 2012/09/11 12:0 a.m., 20 views

Slackware Advisory SSA:2006-166-01 sendmail

The remote host is missing an update as announced via advisory SSA:2006-166-01. OpenVAS Vulnerability Test $Id: esoftslkssa200616601.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright (c) 2012...

5 CVSS, 7.5 AI score, 0.05078 EPSS
Exploits: 0
OpenVAS
added 2012/09/10 12:0 a.m., 26 views

Slackware: Security Advisory (SSA:2006-166-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5 CVSS, 6.4 AI score, 0.05078 EPSS
Exploits: 0, References: 4
OpenVAS
added 2012/09/10 12:0 a.m., 18 views

Slackware: Security Advisory (SSA:2006-081-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.6 CVSS, 6.4 AI score, 0.2624 EPSS
Exploits: 0, References: 3
OpenVAS
added 2012/09/10 12:0 a.m., 7 views

Slackware: Security Advisory (SSA:2003-260-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1 AI score
Exploits: 0, References: 3
OpenVAS
added 2012/08/10 12:0 a.m., 27 views

Gentoo Security Advisory GLSA 201206-30 (sendmail)

The remote host is missing updates announced in advisory GLSA 201206-30. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

7.5 CVSS, 0.1 AI score, 0.02374 EPSS
Exploits: 1
OpenVAS
added 2012/08/10 12:0 a.m., 31 views

Gentoo Security Advisory GLSA 201206-30 (sendmail)

The remote host is missing updates announced in advisory GLSA 201206-30. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

7.5 CVSS, 5.8 AI score, 0.02374 EPSS
Exploits: 1, References: 2
Tenable Nessus
added 2012/08/01 12:0 a.m., 36 views

Scientific Linux Security Update : sendmail on SL4.x i386/x86_64

A flaw was found in the way sendmail handled NUL characters in the CommonName field of X.509 certificates. An attacker able to get a carefully-crafted certificate signed by a trusted Certificate Authority could trick sendmail into accepting it by mistake, allowing the attacker to perform a...

7.5 CVSS, 5.5 AI score, 0.02374 EPSS
Exploits: 1, References: 5
Tenable Nessus
added 2012/08/01 12:0 a.m., 35 views

Scientific Linux Security Update : sendmail on SL4.x i386/x86_64

The configuration of Sendmail was found to not reject the 'localhost.localdomain' domain name for e-mail messages that came from external hosts. This could have allowed remote attackers to disguise spoofed messages (CVE-2006-7176). %NASLMINLEVEL 70300 (C) Tenable Network Security, Inc. The descriptiv...

4.3 CVSS, 5.4 AI score, 0.01986 EPSS
Exploits: 0, References: 2
Tenable Nessus
added 2012/08/01 12:0 a.m., 26 views

Scientific Linux Security Update : sendmail on SL5.x i386/x86_64

The configuration of sendmail in Scientific Linux was found to not reject the 'localhost.localdomain' domain name for email messages that come from external hosts. This could allow remote attackers to disguise spoofed messages. (CVE-2006-7176) A flaw was found in the way sendmail handled NUL...

7.5 CVSS, 5.6 AI score, 0.02374 EPSS
Exploits: 1, References: 8
OSV
added 2012/07/18 6:55 p.m., 3 views

DEBIAN-CVE-2012-2140

The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery...

7.5 CVSS, 7.8 AI score, 0.04466 EPSS
Exploits: 1, References: 1
NVD
added 2012/07/18 6:55 p.m., 11 views

CVE-2012-2140

The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery...

7.5 CVSS, 7.4 AI score, 0.04466 EPSS
Exploits: 1, References: 11
Prion
added 2012/07/18 6:55 p.m., 13 views

Code injection

The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery...

7.5 CVSS, 8 AI score, 0.04466 EPSS
Exploits: 1, References: 11, Affected Software: 1
CVE
added 2012/07/18 6:0 p.m., 72 views

CVE-2012-2140

The CVE-2012-2140 entry concerns the rubygem-mail package for Ruby, versions prior to 2.4.3. The vulnerability arises in the mail gem’s Exim/Sendmail delivery paths, where improper input handling allows a remote attacker to execute arbitrary commands via shell metacharacters. Public documentation i...

7.5 CVSS, 7.5 AI score, 0.04466 EPSS
Exploits: 1, References: 11, Affected Software: 1
Cvelist
added 2012/07/18 6:0 p.m., 34 views

CVE-2012-2140

The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery...

7.3 AI score, 0.04466 EPSS
Exploits: 1, References: 11