CVE-1999-1592

Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3U1 and 4.1.4, have unspecified attack vectors and impact. NOTE: this might overlap CVE-1999-0129...

CVE-1999-1592

Technical details about CVE-1999-1592 are not publicly provided in the supplied documents; no explicit affected products, vulnerable components, root cause, or remediation are present. Monitor for updates.

Debian DSA-1315-1 : libphp-phpmailer - missing input validation

Thor Larholm discovered that libphp-phpmailer, an email transfer class for PHP, performs insufficient input validition if configured to use Sendmail. This allows the execution of arbitrary shell commands. The oldstable distribution sarge doesn't include libphp-phpmailer. %NASLMINLEVEL 70300 C...

symfony 1.0.5 released (security fix)

I've just released symfony 1.0.5. If you use the symfony built-in phpmailer and you do if you use the -sendMail method in your actions, you must upgrade to this release or apply the following patch: http://trac.symfony-project.com/trac/changeset/4380?format=diff&new=4380. PHPMailer has a remote...

DSA-1315-1 libphp-phpmailer

Bulletin has no description...

DEBIAN-CVE-2007-3215

PHPMailer 1.7, when configured to use sendmail, allows remote attackers to execute arbitrary shell commands via shell metacharacters in the SendmailSend function in class.phpmailer.php...

Command injection

PHPMailer 1.7, when configured to use sendmail, allows remote attackers to execute arbitrary shell commands via shell metacharacters in the SendmailSend function in class.phpmailer.php...

CVE-2007-3215

PHPMailer CVE-2007-3215 describes a remote code execution in PHPMailer 1.7 when configured to use Sendmail, allowing shell metacharacters in SendmailSend to execute commands. The issue is noted in multiple advisories (e.g., OSV/GHSA entries) and was fixed in PHPMailer 1.7.4. Public disclosures in...

CVE-2007-3215

PHPMailer 1.7, when configured to use sendmail, allows remote attackers to execute arbitrary shell commands via shell metacharacters in the SendmailSend function in class.phpmailer.php...

[SECURITY] Fedora Core 5 Update: spamassassin-3.1.9-1.fc5.1

SpamAssassin provides you with a way to reduce if not completely eliminate Unsolicited Commercial Email SPAM from your incoming email. It can be invoked by a MDA such as sendmail or postfix, or can be called from a procmail script, .forward file, etc. It uses a genetic-algorithm evolved scoring...

PHPMailer command execution

PHPMailer is a widely deployed utility class used in PHP application to handle emails sent through sendmail, PHP mailto or SMTP. It is used in PHP applications such as WordPress, Mantis, WebCalendar, Group-Office and Joomla. The last official release happened on July 11, 2005. If you have...

Low: sendmail security and bug fix update

8.13.1-3.2.el4 - fixed infinite loop within tls read by enabling FFRDEALWITHERRORSSL Resolves: rhbz121850 - fixed incorrect path to selinuxenabled in initscript Resolves: rhbz152282 - removed rpm build artifacts from sendmail-cf package Resolves: rhbz152955 - fixed missing socketmap support...

SOL2339 - Remote Buffer Overflow in Sendmail - CA-2003-07

If you have configured sendmail as a daemon that is, it is listening on port 25 and relays mail, you can use the /etc/hosts.allow file to restrict access to the daemon from trusted hosts...

SOL6339 - Sendmail race condition - VU#834865

F5 Networks Product Development tracked this issue and it was fixed in BIG-IP and 3-DNS version 4.5.11 for the 4.5 software branch and in version 4.6.2 for the 4.6 software branch. F5 Networks Product Development tracked this issue and it was fixed in WebAccelerator version 5.2 for the 5.x softwa...

sendmail security update

CentOS Errata and Security Advisory CESA-2007:0252 Updated sendmail packages that fix a security issue and various bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. Sendmail is a very widely used...

RHEL 4 : sendmail (RHSA-2007:0252)

Updated sendmail packages that fix a security issue and various bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. Sendmail is a very widely used Mail Transport Agent MTA. MTAs deliver mail from on...

Low: Red Hat Security Advisory: sendmail security and bug fix update

Updated sendmail packages that fix a security issue and various bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. Sendmail is a very widely used Mail Transport Agent MTA. MTAs deliver mail from on...

sendmail allows external mail with from address [email protected]

The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not reject the "localhost.localdomain" domain name for e-mail messages that come from external hosts, which might allow remote attackers to spoof messages...

Code injection

Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and HP-UX B.11.23 when running sendmail 8.11.1; allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: due to the lack of details from HP, it is not known whether this...

CVE-2007-2246

Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and HP-UX B.11.23 when running sendmail 8.11.1; allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: due to the lack of details from HP, it is not known whether this...