Code injection

mailscanner before 4.79.11-2.1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files. NOTE: this issue exists because of an incomplete fix for CVE-2008-5313...

CVE-2010-3292

The updatebad,phishingsites scripts in mailscanner 4.79.11-2 downloads files and trusts them without using encryption e.g., https or digital signature checking which could allow an attacker to replace certain configuration files e.g., phishing whitelist via dns/packet spoofing...

CVE-2010-3292

The CVE-2010-3292 entry concerns MailScanner (update{_bad,}_phishing_sites scripts) versions around 4.79.11-2. The vulnerability arises because downloaded files are trusted without encryption (e.g., HTTPS) or digital signatures, enabling a man-in-the-middle or spoofing to replace critical configu...

CVE-2010-3095

CVE-2010-3095 affects MailScanner; versions older than 4.79.11-2.1 are vulnerable to a local symlink attack allowing a local user to overwrite arbitrary files. Root cause is an incomplete fix for CVE-2008-5313. Debian/Red Hat/Ubuntu advisories indicate the fix is in 4.79.11-2.1 (and newer) for ba...

CVE-2010-3095

mailscanner before 4.79.11-2.1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files. NOTE: this issue exists because of an incomplete fix for CVE-2008-5313...

MailScanner Input Validation Error Vulnerability

MailScanner is an open source email filter for the Linux platform. The product is capable of scanning email for viruses, spam, phishing and malware. An input validation error vulnerability exists in MailScanner, which can be exploited by a local attacker to prevent the update of virus signatures...

CVE-2010-3293

mailscanner can allow local users to prevent virus signatures from being updated...

Code injection

mailscanner can allow local users to prevent virus signatures from being updated...

CVE-2010-3293

mailscanner can allow local users to prevent virus signatures from being updated...

CVE-2010-3293

mailscanner can allow local users to prevent virus signatures from being updated...

CVE-2010-3293

CVE-2010-3293 affects MailScanner. Multiple connected documents describe a local vulnerability that allows a local attacker to prevent virus signature updates, impacting integrity of antivirus definitions. Concrete root cause details (code path, component, affected versions) are not provided in t...

mailwatch <= 1.0.4 (docs.php doc) Local File Inclusion Vulnerability

No description provided by source. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP YmmMMMM MMM YM Discovered by dun \ dunatstrcpy.pl mailwatch = 1.0.4 Local File Inclusion Vulnerability Script site:...

Subject: BSA-007 Security Update for mailscanner

Jan Wagner uploaded new packages for mailscanner which fixed the following security problems: CVE-2010-3095 incomplete fix for CVE-2008-5313 https://vulners.com/cve/CVE-2010-3095 The original text of CVE-2008-5313: mailscanner 4.68.8 and other versions before 4.74.16-1 might allow local users to...

Subject: BSA-007 Security Update for mailscanner

Jan Wagner uploaded new packages for mailscanner which fixed the following security problems: CVE-2010-3095 incomplete fix for CVE-2008-5313 https://vulners.com/cve/CVE-2010-3095 The original text of CVE-2008-5313: mailscanner 4.68.8 and other versions before 4.74.16-1 might allow local users to...

Directory traversal

Directory traversal vulnerability in docs.php in MailWatch for MailScanner 1.0.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. dot dot in the doc parameter...

CVE-2008-5991

Directory traversal vulnerability in docs.php in MailWatch for MailScanner 1.0.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. dot dot in the doc parameter...

CVE-2008-5991

MailWatch for MailScanner (versions up to 1.0.4 and earlier) contains a directory traversal vulnerability in docs.php that allows remote attackers to include and execute arbitrary local files by supplying a .. in the doc parameter. This is a local file inclusion risk that can lead to code executi...

CVE-2008-5991

Directory traversal vulnerability in docs.php in MailWatch for MailScanner 1.0.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. dot dot in the doc parameter...

[ MDVA-2008:241 ] mailscanner

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVA-2008:241 http://www.mandriva.com/security/ Package : mailscanner Date : December 22, 2008 Affected: Corporate 4.0 Problem Description: Local users can use symlink attacks throughout a flaw on trend-autoupdate scri...

mailscanner symbolic links vulnerability

Multiple symlink vulnerabilities in different scripts...