Lucene search
+L

182 matches found

NVD
NVD
added 2004/01/05 5:0 a.m.13 views

CVE-2003-0979

FreeScripts VisitorBook LE visitorbook.pl does not properly escape line breaks in input, which allows remote attackers to 1 use VisitorBook as an open mail relay, when $mailuser is 1, via extra headers in the email field, or 2 cause the guestbook database to be deleted via a large number of line...

5CVSS6.6AI score0.01041EPSS
Exploits0References2
CVE
CVE
added 2003/12/11 5:0 a.m.53 views

CVE-2003-0979

Vulnerability overview (CVE-2003-0979) FreeScripts VisitorBook LE (visitorbook.pl) fails to properly escape line breaks in user input. This can allow remote attackers to abuse the script as an open mail relay when $mailuser is 1 (via extra headers in the email field) and to trash the guestbook da...

5CVSS7AI score0.01041EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2003/12/11 5:0 a.m.20 views

CVE-2003-0979

FreeScripts VisitorBook LE visitorbook.pl does not properly escape line breaks in input, which allows remote attackers to 1 use VisitorBook as an open mail relay, when $mailuser is 1, via extra headers in the email field, or 2 cause the guestbook database to be deleted via a large number of line...

6.6AI score0.01041EPSS
Exploits0References2
securityvulns
securityvulns
added 2003/12/11 12:0 a.m.34 views

Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)

Westpoint Security Advisory Title: VisitorBook LE Mail Relay and Cross Site Scripting Risk Rating: Moderate Software: FreeScripts VisitorBook LE Platforms: Most Unix Vendor URL: http://www.freescripts.com/ Author: Paul Johnston [email protected] Date: 10th December 2003 Advisory ID: wp-03-000...

6.8AI score
Exploits0
CERT
CERT
added 2003/06/17 12:0 a.m.316 views

IBM AIX sendmail configured as open mail relay by default

Overview Sendmail shipped with IBM AIX is configured by default as an open mail relay. Unauthenticated, remote users can route mail through such a system. Description Sendmail is a widely used mail transfer agent MTA that is included with IBM AIX. According to IBM:The default configuration files...

5CVSS4.5AI score0.0503EPSS
Exploits0References5
NVD
NVD
added 2003/06/16 4:0 a.m.19 views

CVE-2003-0285

IBM AIX 5.2 and earlier distributes Sendmail with a configuration file sendmail.cf with the 1 promiscuousrelay, 2 acceptunresolvabledomains, and 3 acceptunqualifiedsenders features enabled, which allows Sendmail to be used as an open mail relay for sending spam e-mail...

5CVSS6.2AI score0.0503EPSS
Exploits0References5
Cvelist
Cvelist
added 2003/05/14 4:0 a.m.25 views

CVE-2003-0285

IBM AIX 5.2 and earlier distributes Sendmail with a configuration file sendmail.cf with the 1 promiscuousrelay, 2 acceptunresolvabledomains, and 3 acceptunqualifiedsenders features enabled, which allows Sendmail to be used as an open mail relay for sending spam e-mail...

4.4AI score0.0503EPSS
Exploits0References5
NVD
NVD
added 2002/11/12 5:0 a.m.22 views

CVE-2002-1278

The mailconf module in Linuxconf 1.24, and other versions before 1.28, on Conectiva Linux 6.0 through 8, and possibly other distributions, generates the Sendmail configuration file sendmail.cf in a way that configures Sendmail to run as an open mail relay, which allows remote attackers to send Sp...

7.5CVSS6.6AI score0.02453EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2002/08/14 12:0 a.m.62 views

poprelayd & sendmail Arbitrary Mail Relay

Nessus has detected that the remote SMTP server allows relaying for users which were identified by 'POP before SMTP'. The access control mechanism is based on the POP server logs. However, it is possible to poison these logs, which means that any spammer could be using your mail server to send...

5CVSS5.7AI score0.02734EPSS
Exploits1References3
securityvulns
securityvulns
added 2002/07/13 12:0 a.m.43 views

Mail relaying via IIS SMTP service

Unauthorized mail relayin then using speciall address format...

2.4AI score
Exploits0References1Affected Software1
CERT
CERT
added 2001/03/02 12:0 a.m.17 views

Lotus Domino SMTP Server Allows Anonymous Relay of Quoted Addresses

Overview Lotus Domino includes an SMTP server. Under certain configurations, an intruder may be able to relay mail to third parties through the Domino SMTP server. Description An "open" mail server is one that will send mail that is not addressed to and does not originate from a local user. Open...

6.6AI score
Exploits0References1
NVD
NVD
added 2001/03/01 5:0 a.m.13 views

CVE-2001-1445

Unknown vulnerability in the SMTP server in Lotus Domino 5.0 through 5.7 allows remote attackers to bypass mail relaying restrictions via crafted e-mail addresses in "RCPT TO" commands...

7.5CVSS6.7AI score0.01949EPSS
Exploits0References3
CVE
CVE
added 2000/10/13 4:0 a.m.50 views

CVE-2000-0610

NetWin dMailWeb and cwMail 2.6g and earlier are affected by a vulnerability that allows remote attackers to bypass authentication and relay mail through the server by supplying a username that contains a carriage return. This entry is documented in CVE-2000-0610 with an NVD base score of 5.0 (Med...

5CVSS7.3AI score0.016EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2000/10/13 4:0 a.m.21 views

CVE-2000-0610

NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to bypass authentication and use the server for mail relay via a username that contains a carriage return...

6.9AI score0.016EPSS
Exploits0References3
securityvulns
securityvulns
added 2000/06/25 12:0 a.m.57 views

NetWin dMailWeb Unrestricted Mail Relay

Product: NetWin dMailWeb Type: Unrestricted Mail Relay Severity: Moderate Versions: = 2.6g: Case A All, configuration error: Case B Note: NetWin cwMail also appears vulnerable to the same attacks, and appears to be using exactly the same version numbers. --- Overview dMailWeb is a CGI application...

7.2AI score
Exploits0
NVD
NVD
added 2000/06/23 4:0 a.m.13 views

CVE-2000-0610

NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to bypass authentication and use the server for mail relay via a username that contains a carriage return...

5CVSS6.9AI score0.016EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2000/05/25 12:0 a.m.32 views

Sambar Server /session/sendmail Arbitrary Mail Relay

The Sambar web server is running. It provides a web interface for sending emails. You may simply pass a POST request to /session/sendmail and by this send mails to anyone you want. Due to the fact that Sambar does not check HTTP referrers you do not need direct access to the server! %NASLMINLEVEL...

5.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2000/05/25 12:0 a.m.101 views

Sambar Server /cgi-bin/mailit.pl Arbitrary Mail Relay

The Sambar web server is running and the 'mailit.pl' cgi is installed. This CGI takes a POST request from any host and sends a mail to a supplied address. %NASLMINLEVEL 70300 Copyright 2000 by Hendrik Scholz Changes by Tenable: - Revised plugin title 4/2/2009 - Updated to use compat.inc, added CV...

5.5AI score
Exploits0
CVE
CVE
added 2000/02/04 5:0 a.m.466 views

CVE-1999-0512

CVE-1999-0512 describes a mail server that is explicitly configured to allow SMTP relaying, enabling abuse by spammers. The connected documents corroborate an open mail-relay condition detected by various scanners (Nessus/OpenVAS) and consistently reference reconfiguring the SMTP server to preven...

10CVSS4.5AI score0.12035EPSS
Exploits0References1
exploitpack
exploitpack
added 1999/06/15 12:0 a.m.25 views

Lotus Domino 4.6.14.6.4 Notes - SMTPA MTA Mail Relay

Lotus Domino 4.6.14.6.4 Notes - SMTPA MTA Mail Relay source: https://www.securityfocus.com/bid/487/info Lotus Notes SMTP MTA is susceptible to being used as a mail relay for SPAM or other unsolicited email. Connecting to the mail server tcp25 and issuing a 'mail from' command with as the data may...

Exploits0
Rows per page
Query Builder