182 matches found
Biz Mail Form 2.x - Unauthorized Mail Relay
Biz Mail Form 2.x - Unauthorized Mail Relay source: https://www.securityfocus.com/bid/12620/info Biz Mail Form is prone to a vulnerability that allows the application to be abused as a mail relay. An attacker can exploit this issue to inject arbitrary SMTP headers by using CR and LF sequences. If...
BizMail bizmail.cgi Arbitrary Mail Relay
The remote web server is hosting the CGI bizmail.cgi, a CGI script for sending the content of web forms to email addresses. The remote version of this software fails to sanitize the 'email' parameter to the 'bizmail.cgi' script of CRLF sequences. An unauthenticated, remote attacker may be able to...
CVE-2005-0431
Barracuda Spam Firewall 3.1.10 and earlier does not restrict the domains that white-listed domains can send mail to, which allows members of white-listed domains to use Barracuda as an open mail relay for spam...
CVE-2005-0431
CVE-2005-0431 : Barracuda Spam Firewall 3.1.10 and earlier allows white-listed domains to relay mail to arbitrary destinations, creating an open relay. Root cause: insufficient restriction on destination domains for white-listed senders. Impact: enables spam relaying; CVSS from NVD lists base sco...
CVE-2004-0833
Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages...
CVE-2004-0833
Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages...
CVE-2004-0833
Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages...
QwikMail 0.3 - HELO Buffer Overflow (PoC)
QwikMail 0.3 - HELO Buffer Overflow PoC source: www.securityfocus.com/bid/11989/info QwikMail qwik-smtpd is reported prone to a remotely exploitable buffer overflow vulnerability. The issue is due to insufficient bounds checking of client-supplied SMTP HELO request data. This issue could...
QwikMail 0.3 - 'HELO' Buffer Overflow (PoC)
source: www.securityfocus.com/bid/11989/info QwikMail qwik-smtpd is reported prone to a remotely exploitable buffer overflow vulnerability. The issue is due to insufficient bounds checking of client-supplied SMTP HELO request data. This issue could theoretically be exploited to execute arbitrary...
CVE-2004-0833
CVE-2004-0833 affects Debian GNU/Linux Sendmail prior to 8.12.3 when sasl/sasl-bin is used. The Debian security advisory indicates that the Sendmail configuration script initializes the sasl database with a fixed username and password, enabling a remote attacker to use Sendmail as an open mail re...
CVE-2004-0833
Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages...
CVE-2004-0833
Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages...
Debian DSA-437-1 : cgiemail - open mail relay
A vulnerability was discovered in cgiemail, a CGI program used to email the contents of an HTML form, whereby it could be used to send email to arbitrary addresses. This type of vulnerability is commonly exploited to send unsolicited commercial email spam. %NASLMINLEVEL 70300 C Tenable Network...
CVE-2002-1278
CVE-2002-1278 affects Linuxconf’s mailconf module (Linuxconf 1.24 and earlier than 1.28) on Conectiva Linux 6.0–8 (and possibly other distros). The vulnerability stems from generating sendmail.cf in a way that leaves Sendmail configured as an open relay, enabling remote attackers to send spam. Pu...
CVE-2002-1278
The mailconf module in Linuxconf 1.24, and other versions before 1.28, on Conectiva Linux 6.0 through 8, and possibly other distributions, generates the Sendmail configuration file sendmail.cf in a way that configures Sendmail to run as an open mail relay, which allows remote attackers to send Sp...
MS SMTP NULL Session Mail Relay
Binary data 2040.prm...
CVE-2004-0156
Format string vulnerabilities in the 1 die or 2 logevent functions for ssmtp before 2.50.6 allow remote mail relays to cause a denial of service and possibly execute arbitrary code...
DSA-485 ssmtp - format string
Bulletin has no description...
[SECURITY] [DSA 437-1] New cgiemail packages fix open mail relaying
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 437-1 [email protected] http://www.debian.org/security/ Matt Zimmerman February 11th, 2004 http://www.debian.org/security/faq -...
[SECURITY] [DSA 437-1] New cgiemail packages fix open mail relaying
-------------------------------------------------------------------------- Debian Security Advisory DSA 437-1 [email protected] http://www.debian.org/security/ Matt Zimmerman February 11th, 2004 http://www.debian.org/security/faq -...