182 matches found
CVE-2003-0979
FreeScripts VisitorBook LE visitorbook.pl does not properly escape line breaks in input, which allows remote attackers to 1 use VisitorBook as an open mail relay, when $mailuser is 1, via extra headers in the email field, or 2 cause the guestbook database to be deleted via a large number of line...
CVE-2003-0979
Vulnerability overview (CVE-2003-0979) FreeScripts VisitorBook LE (visitorbook.pl) fails to properly escape line breaks in user input. This can allow remote attackers to abuse the script as an open mail relay when $mailuser is 1 (via extra headers in the email field) and to trash the guestbook da...
CVE-2003-0979
FreeScripts VisitorBook LE visitorbook.pl does not properly escape line breaks in input, which allows remote attackers to 1 use VisitorBook as an open mail relay, when $mailuser is 1, via extra headers in the email field, or 2 cause the guestbook database to be deleted via a large number of line...
Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)
Westpoint Security Advisory Title: VisitorBook LE Mail Relay and Cross Site Scripting Risk Rating: Moderate Software: FreeScripts VisitorBook LE Platforms: Most Unix Vendor URL: http://www.freescripts.com/ Author: Paul Johnston [email protected] Date: 10th December 2003 Advisory ID: wp-03-000...
IBM AIX sendmail configured as open mail relay by default
Overview Sendmail shipped with IBM AIX is configured by default as an open mail relay. Unauthenticated, remote users can route mail through such a system. Description Sendmail is a widely used mail transfer agent MTA that is included with IBM AIX. According to IBM:The default configuration files...
CVE-2003-0285
IBM AIX 5.2 and earlier distributes Sendmail with a configuration file sendmail.cf with the 1 promiscuousrelay, 2 acceptunresolvabledomains, and 3 acceptunqualifiedsenders features enabled, which allows Sendmail to be used as an open mail relay for sending spam e-mail...
CVE-2003-0285
IBM AIX 5.2 and earlier distributes Sendmail with a configuration file sendmail.cf with the 1 promiscuousrelay, 2 acceptunresolvabledomains, and 3 acceptunqualifiedsenders features enabled, which allows Sendmail to be used as an open mail relay for sending spam e-mail...
CVE-2002-1278
The mailconf module in Linuxconf 1.24, and other versions before 1.28, on Conectiva Linux 6.0 through 8, and possibly other distributions, generates the Sendmail configuration file sendmail.cf in a way that configures Sendmail to run as an open mail relay, which allows remote attackers to send Sp...
poprelayd & sendmail Arbitrary Mail Relay
Nessus has detected that the remote SMTP server allows relaying for users which were identified by 'POP before SMTP'. The access control mechanism is based on the POP server logs. However, it is possible to poison these logs, which means that any spammer could be using your mail server to send...
Mail relaying via IIS SMTP service
Unauthorized mail relayin then using speciall address format...
Lotus Domino SMTP Server Allows Anonymous Relay of Quoted Addresses
Overview Lotus Domino includes an SMTP server. Under certain configurations, an intruder may be able to relay mail to third parties through the Domino SMTP server. Description An "open" mail server is one that will send mail that is not addressed to and does not originate from a local user. Open...
CVE-2001-1445
Unknown vulnerability in the SMTP server in Lotus Domino 5.0 through 5.7 allows remote attackers to bypass mail relaying restrictions via crafted e-mail addresses in "RCPT TO" commands...
CVE-2000-0610
NetWin dMailWeb and cwMail 2.6g and earlier are affected by a vulnerability that allows remote attackers to bypass authentication and relay mail through the server by supplying a username that contains a carriage return. This entry is documented in CVE-2000-0610 with an NVD base score of 5.0 (Med...
CVE-2000-0610
NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to bypass authentication and use the server for mail relay via a username that contains a carriage return...
NetWin dMailWeb Unrestricted Mail Relay
Product: NetWin dMailWeb Type: Unrestricted Mail Relay Severity: Moderate Versions: = 2.6g: Case A All, configuration error: Case B Note: NetWin cwMail also appears vulnerable to the same attacks, and appears to be using exactly the same version numbers. --- Overview dMailWeb is a CGI application...
CVE-2000-0610
NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to bypass authentication and use the server for mail relay via a username that contains a carriage return...
Sambar Server /session/sendmail Arbitrary Mail Relay
The Sambar web server is running. It provides a web interface for sending emails. You may simply pass a POST request to /session/sendmail and by this send mails to anyone you want. Due to the fact that Sambar does not check HTTP referrers you do not need direct access to the server! %NASLMINLEVEL...
Sambar Server /cgi-bin/mailit.pl Arbitrary Mail Relay
The Sambar web server is running and the 'mailit.pl' cgi is installed. This CGI takes a POST request from any host and sends a mail to a supplied address. %NASLMINLEVEL 70300 Copyright 2000 by Hendrik Scholz Changes by Tenable: - Revised plugin title 4/2/2009 - Updated to use compat.inc, added CV...
CVE-1999-0512
CVE-1999-0512 describes a mail server that is explicitly configured to allow SMTP relaying, enabling abuse by spammers. The connected documents corroborate an open mail-relay condition detected by various scanners (Nessus/OpenVAS) and consistently reference reconfiguring the SMTP server to preven...
Lotus Domino 4.6.14.6.4 Notes - SMTPA MTA Mail Relay
Lotus Domino 4.6.14.6.4 Notes - SMTPA MTA Mail Relay source: https://www.securityfocus.com/bid/487/info Lotus Notes SMTP MTA is susceptible to being used as a mail relay for SPAM or other unsolicited email. Connecting to the mail server tcp25 and issuing a 'mail from' command with as the data may...