CVE-2012-2140

The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a 1 sendmail or 2 exim delivery...

Vulnerability in AIX sendmail

IBM SECURITY ADVISORY First Issued: Mon Jul 16 13:28:25 CDT 2012 | Updated: Tue Sept 27 9:50:28 CDT 2012 | Update: New ifixes to include sendmailssl and sendmailnossl | Update: Corrected file names | Update: New ifixes for the latest SP's | Updated: Thu Dec 12 12:55:11 CST 2013 | Update: 1. Added...

Wordpress Diary/Notebook Site5 Theme Email Spoofing

Exploit for php platform in category web applications !/usr/bin/perl Exploit Title: Diary/Notebook Site5 Wordpress Theme - Email Spoofing Date: 15.07.2012 Exploit Author: @bwallHatesTwits Discovered by: @xxDigiPxx...

Site5 WordPress Theme Email Spoofing

!/usr/bin/perl Exploit Title: Site5 Wordpress Themes - Email Spoofing Date: 15.07.2012 Exploit Author: @bwallHatesTwits Discovered by: @xxDigiPxx http://www.ticktockcomputers.com/wordpress/site5-wordpress-theme-diary-sendmail-php-spoofing/ Software Link: http://www.wpdiarytheme.com/ Vendor...

IBM AIX 7.1/6.1 Sendmail本地权限提升漏洞

Bugtraq ID: 54206 CVE ID: CVE-2012-2200 IBM AIX是一款商业执行的操作系统。 在处理用户$HOME/.forward文件中某些结构时sendmail存在错误，允许本地攻击者利用漏洞以root特权执行任意代码。 0 IBM AIX 7.1 IBM AIX 6.1 厂商解决方案 用户可参考如下供应商提供的安全公告获得补丁信息： http://aix.software.ibm.com/aix/efixes/security/sendmail1advisory.asc...

CVE-2012-2200

The default configuration of sendmail in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, allows local users to gain privileges by entering a command in a .forward file in a home directory...

CVE-2012-2200

The default configuration of sendmail in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, allows local users to gain privileges by entering a command in a .forward file in a home directory...

CVE-2012-2200

The CVE-2012-2200 issue affects IBM AIX 6.1/7.1 (and VIOS 2.2.1.4-FP-25 SP-02) where the default sendmail configuration allows local users to gain root privileges by placing a command in a user’s .forward file. The root cause is execution of commands piped from the .forward mechanism within stock...

GLSA-201206-30 : sendmail: X.509 NULL spoofing vulnerability

The remote host is affected by the vulnerability described in GLSA-201206-30 sendmail: X.509 NULL spoofing vulnerability A vulnerability has been discovered in sendmail. Please review the CVE identifier referenced below for details. Impact : A remote attacker might employ a specially crafted...

sendmail: X.509 NULL spoofing vulnerability

Background sendmail is a widely-used Mail Transport Agent MTA. Description A vulnerability has been discovered in sendmail. Please review the CVE identifier referenced below for details. Impact A remote attacker might employ a specially crafted certificate to conduct man-in-the-middle attacks on...

Linux Gather Configurations

This module collects configuration files found on commonly installed applications and services, such as Apache, MySQL, Samba, Sendmail, etc. If a config file is found in its default path, the module will assume that is the file we want. This module requires Metasploit:...

CVE-2012-2140 rubygem-mail: arbitrary command execution when using exim or sendmail from commandline

The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a 1 sendmail or 2 exim delivery...

rubygem-mail -- multiple vulnerabilities

rubygem-mail -- multiple vulnerabilities Two issues were fixed. They are a file system traversal in filedelivery method and arbitrary command execution when using exim or sendmail from the command line...

PHP mb_send_mail() Function Parameter Security Bypass

According to its banner, the version of PHP installed on the remote host is affected by a flaw that allows an attacker to gain unauthorized privileges. When used with sendmail and when accepting remote input for the additionalparameters argument to the mbsendmail function, it is possible for...

Sendmail < 8.13.8 Header Processing Overflow DoS

The remote mail server is running a version of Sendmail earlier than 8.13.8. Such versions are reportedly affected by a use-after-free flaw that may allow an attacker to crash the server. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid17724; scriptversion"1.9";...

Sendmail Mail Relay Vulnerability

Sendmail is prone to a mail relay vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:sendmail:sendmail"; ifdescriptio...

IT-Grundschutz M5.019: Einsatz der Sicherheitsmechanismen von sendmail

IT-Grundschutz M5.019: Einsatz der Sicherheitsmechanismen von sendmail. ACHTUNG: Dieser Test wird nicht mehr unterstützt. Er wurde ersetzt durch den entsprechenden Test der nun permanent and die aktuelle EL angepasst wird: OID 1.3.6.1.4.1.25623.1.0.95056 Diese Prüfung bezieht sich auf die 12...

IT-Grundschutz M5.019: Einsatz der Sicherheitsmechanismen von sendmail

IT-Grundschutz M5.019: Einsatz der Sicherheitsmechanismen von sendmail. ACHTUNG: Dieser Test wird nicht mehr unterstützt. Er wurde ersetzt durch den entsprechenden Test der nun permanent and die aktuelle EL angepasst wird: OID 1.3.6.1.4.1.25623.1.0.95056 Diese Prüfung bezieht sich auf die 12...

Slackware 8.1 / current : Sendmail buffer overflow fixed

The sendmail packages in Slackware 8.1 and -current have been patched to fix a security problem. All sites running sendmail should upgrade. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the associated Slackware Security Advisory. The...

Slackware 8.1 / 9.0 : Sendmail buffer overflow fixed (NEW)

The sendmail packages in Slackware 8.0, 8.1, and 9.0 have been patched to fix a security problem. Note that this vulnerability is NOT the same one that was announced on March 3rd and requires a new fix. All sites running sendmail should upgrade. C Tenable Network Security, Inc. The descriptive te...