Lucene search
+L

182 matches found

exploitpack
exploitpack
added 2005/02/22 12:0 a.m.9 views

Biz Mail Form 2.x - Unauthorized Mail Relay

Biz Mail Form 2.x - Unauthorized Mail Relay source: https://www.securityfocus.com/bid/12620/info Biz Mail Form is prone to a vulnerability that allows the application to be abused as a mail relay. An attacker can exploit this issue to inject arbitrary SMTP headers by using CR and LF sequences. If...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/02/22 12:0 a.m.50 views

BizMail bizmail.cgi Arbitrary Mail Relay

The remote web server is hosting the CGI bizmail.cgi, a CGI script for sending the content of web forms to email addresses. The remote version of this software fails to sanitize the 'email' parameter to the 'bizmail.cgi' script of CRLF sequences. An unauthenticated, remote attacker may be able to...

5CVSS5.5AI score0.0144EPSS
Exploits0References3
Cvelist
Cvelist
added 2005/02/15 5:0 a.m.22 views

CVE-2005-0431

Barracuda Spam Firewall 3.1.10 and earlier does not restrict the domains that white-listed domains can send mail to, which allows members of white-listed domains to use Barracuda as an open mail relay for spam...

4.6AI score0.01283EPSS
Exploits0References3
CVE
CVE
added 2005/02/15 5:0 a.m.51 views

CVE-2005-0431

CVE-2005-0431 : Barracuda Spam Firewall 3.1.10 and earlier allows white-listed domains to relay mail to arbitrary destinations, creating an open relay. Root cause: insufficient restriction on destination domains for white-listed senders. Impact: enables spam relaying; CVSS from NVD lists base sco...

7.5CVSS4.6AI score0.01283EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2004/12/23 5:0 a.m.15 views

CVE-2004-0833

Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages...

7.5CVSS6.4AI score0.02507EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2004/12/23 5:0 a.m.30 views

CVE-2004-0833

Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages...

7.5CVSS5.9AI score0.02507EPSS
Exploits0References1
OSV
OSV
added 2004/12/23 5:0 a.m.7 views

CVE-2004-0833

Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages...

6.4AI score
Exploits0References6
exploitpack
exploitpack
added 2004/12/15 12:0 a.m.16 views

QwikMail 0.3 - HELO Buffer Overflow (PoC)

QwikMail 0.3 - HELO Buffer Overflow PoC source: www.securityfocus.com/bid/11989/info QwikMail qwik-smtpd is reported prone to a remotely exploitable buffer overflow vulnerability. The issue is due to insufficient bounds checking of client-supplied SMTP HELO request data. This issue could...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2004/12/15 12:0 a.m.24 views

QwikMail 0.3 - 'HELO' Buffer Overflow (PoC)

source: www.securityfocus.com/bid/11989/info QwikMail qwik-smtpd is reported prone to a remotely exploitable buffer overflow vulnerability. The issue is due to insufficient bounds checking of client-supplied SMTP HELO request data. This issue could theoretically be exploited to execute arbitrary...

7AI score
Exploits0
CVE
CVE
added 2004/11/19 5:0 a.m.70 views

CVE-2004-0833

CVE-2004-0833 affects Debian GNU/Linux Sendmail prior to 8.12.3 when sasl/sasl-bin is used. The Debian security advisory indicates that the Sendmail configuration script initializes the sasl database with a fixed username and password, enabling a remote attacker to use Sendmail as an open mail re...

7.5CVSS6.3AI score0.02507EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2004/11/19 5:0 a.m.57 views

CVE-2004-0833

Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages...

7.5CVSS4.8AI score0.02507EPSS
Exploits0
Cvelist
Cvelist
added 2004/11/19 5:0 a.m.30 views

CVE-2004-0833

Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages...

6.3AI score0.02507EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.30 views

Debian DSA-437-1 : cgiemail - open mail relay

A vulnerability was discovered in cgiemail, a CGI program used to email the contents of an HTML form, whereby it could be used to send email to arbitrary addresses. This type of vulnerability is commonly exploited to send unsolicited commercial email spam. %NASLMINLEVEL 70300 C Tenable Network...

5CVSS5.7AI score0.01387EPSS
Exploits0References2
CVE
CVE
added 2004/09/01 4:0 a.m.127 views

CVE-2002-1278

CVE-2002-1278 affects Linuxconf’s mailconf module (Linuxconf 1.24 and earlier than 1.28) on Conectiva Linux 6.0–8 (and possibly other distros). The vulnerability stems from generating sendmail.cf in a way that leaves Sendmail configured as an open relay, enabling remote attackers to send spam. Pu...

7.5CVSS4.6AI score0.02453EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.28 views

CVE-2002-1278

The mailconf module in Linuxconf 1.24, and other versions before 1.28, on Conectiva Linux 6.0 through 8, and possibly other distributions, generates the Sendmail configuration file sendmail.cf in a way that configures Sendmail to run as an open mail relay, which allows remote attackers to send Sp...

4.5AI score0.02453EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2004/08/18 12:0 a.m.18 views

MS SMTP NULL Session Mail Relay

Binary data 2040.prm...

7.5CVSS7.3AI score0.22328EPSS
Exploits0References2
OSV
OSV
added 2004/06/01 4:0 a.m.4 views

CVE-2004-0156

Format string vulnerabilities in the 1 die or 2 logevent functions for ssmtp before 2.50.6 allow remote mail relays to cause a denial of service and possibly execute arbitrary code...

7.5AI score
Exploits0References14
OSV
OSV
added 2004/04/14 12:0 a.m.19 views

DSA-485 ssmtp - format string

Bulletin has no description...

5CVSS6.1AI score0.03504EPSS
Exploits0
securityvulns
securityvulns
added 2004/02/16 12:0 a.m.48 views

[SECURITY] [DSA 437-1] New cgiemail packages fix open mail relaying

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 437-1 [email protected] http://www.debian.org/security/ Matt Zimmerman February 11th, 2004 http://www.debian.org/security/faq -...

5CVSS0.3AI score0.01387EPSS
Exploits0
Debian
Debian
added 2004/02/12 3:28 a.m.48 views

[SECURITY] [DSA 437-1] New cgiemail packages fix open mail relaying

-------------------------------------------------------------------------- Debian Security Advisory DSA 437-1 [email protected] http://www.debian.org/security/ Matt Zimmerman February 11th, 2004 http://www.debian.org/security/faq -...

5CVSS6AI score0.01387EPSS
Exploits0
Rows per page
Query Builder