Lucene search
K

256 matches found

OpenVAS
OpenVAS
added 2020/02/28 12:0 a.m.73 views

Debian: Security Advisory (DSA-4634-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.6AI score0.889EPSS
Exploits10References4
CNVD
CNVD
added 2020/02/27 12:0 a.m.4 views

OpenSMTPD Local Information Disclosure Vulnerability

OpenSMTPD is a free server-side implementation of the SMTP protocol , and provides some additional standard extensions . OpenSMTPD suffers from a local information disclosure vulnerability. A local attacker can exploit the vulnerability to read arbitrary files...

4.7CVSS6.2AI score0.009EPSS
Exploits4References1
CNVD
CNVD
added 2020/02/27 12:0 a.m.3 views

Command Execution Vulnerability Exists in OpenSMTPD's

OpenSMTPD is a free implementation of the server-side SMTP protocol , and provides some additional standard extensions . OpenSMTPD's suffers from a command execution vulnerability. An attacker can execute arbitrary shell commands on a vulnerable OpenSMTPD installation...

10CVSS7.9AI score0.889EPSS
Exploits10References1
Tenable Nessus
Tenable Nessus
added 2020/02/27 12:0 a.m.29 views

Debian DSA-4634-1 : opensmtpd - security update

Qualys discovered that the OpenSMTPD SMTP server performed insufficient validation of SMTP commands, which could result in local privilege escalation or the execution of arbitrary code. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

10CVSS8.9AI score0.889EPSS
Exploits10References4
Debian
Debian
added 2020/02/26 9:34 p.m.72 views

[SECURITY] [DSA 4634-1] opensmtpd security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4634-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 26, 2020 https://www.debian.org/security/faq -...

10CVSS9.5AI score0.889EPSS
Exploits10
0day.today
0day.today
added 2020/02/26 12:0 a.m.158 views

OpenSMTPD 6.6.3 - Arbitrary File Read Exploit

Title: OpenSMTPD 6.6.3 - Arbitrary File Read Author: qualys Vendor: https://www.opensmtpd.org/ CVE: 2020-8793 / Local information disclosure in OpenSMTPD CVE-2020-8793 Copyright C 2020 Qualys, Inc. This program is free software: you can redistribute it and/or modify it under the terms of the GNU...

4.7CVSS0.3AI score0.009EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/02/26 12:0 a.m.181 views

OpenSMTPD < 6.6.3p1 - Local Privilege Escalation + Remote Code Execution

/ LPE and RCE in OpenSMTPD's default install CVE-2020-8794 Copyright C 2020 Qualys, Inc. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or at...

10CVSS9.6AI score0.889EPSS
Exploits10
Exploit DB
Exploit DB
added 2020/02/26 12:0 a.m.195 views

OpenSMTPD 6.6.3 - Arbitrary File Read

Title: OpenSMTPD 6.6.3 - Arbitrary File Read Date: 2020-02-20 Author: qualys Vendor: https://www.opensmtpd.org/ CVE: 2020-8793 / Local information disclosure in OpenSMTPD CVE-2020-8793 Copyright C 2020 Qualys, Inc. This program is free software: you can redistribute it and/or modify it under the...

4.7CVSS5.9AI score0.009EPSS
Exploits4
0day.today
0day.today
added 2020/02/26 12:0 a.m.841 views

OpenSMTPD < 6.6.3p1 - Local Privilege Escalation / Remote Code Execution Exploit

/ LPE and RCE in OpenSMTPD's default install CVE-2020-8794 Copyright C 2020 Qualys, Inc. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or at...

10CVSS0.4AI score0.889EPSS
Exploits10
exploitpack
exploitpack
added 2020/02/26 12:0 a.m.112 views

OpenSMTPD 6.6.3p1 - Local Privilege Escalation + Remote Code Execution

OpenSMTPD 6.6.3p1 - Local Privilege Escalation + Remote Code Execution / LPE and RCE in OpenSMTPD's default install CVE-2020-8794 Copyright C 2020 Qualys, Inc. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by...

10CVSS0.5AI score0.889EPSS
Exploits10
exploitpack
exploitpack
added 2020/02/26 12:0 a.m.96 views

OpenSMTPD 6.6.3 - Arbitrary File Read

OpenSMTPD 6.6.3 - Arbitrary File Read Title: OpenSMTPD 6.6.3 - Arbitrary File Read Date: 2020-02-20 Author: qualys Vendor: https://www.opensmtpd.org/ CVE: 2020-8793 / Local information disclosure in OpenSMTPD CVE-2020-8793 Copyright C 2020 Qualys, Inc. This program is free software: you can...

4.7CVSS0.1AI score0.009EPSS
Exploits4
OSV
OSV
added 2020/02/26 12:0 a.m.21 views

DSA-4634-1 opensmtpd - security update

Bulletin has no description...

10CVSS9.4AI score0.889EPSS
Exploits10
NVD
NVD
added 2020/02/25 5:15 p.m.22 views

CVE-2020-8794

OpenSMTPD before 6.6.4 allows remote code execution because of an out-of-bounds read in mtaio in mtasession.c for multi-line replies. Although this vulnerability affects the client side of OpenSMTPD, it is possible to attack a server because the server code launches the client code during bounce...

10CVSS9.6AI score0.889EPSS
Exploits10References11
OSV
OSV
added 2020/02/25 5:15 p.m.1 views

DEBIAN-CVE-2020-8793

OpenSMTPD before 6.6.4 allows local users to read arbitrary files e.g., on some Linux distributions because of a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c...

4.7CVSS5AI score0.009EPSS
Exploits4References1
OSV
OSV
added 2020/02/25 5:15 p.m.19 views

CVE-2020-8793

OpenSMTPD before 6.6.4 allows local users to read arbitrary files e.g., on some Linux distributions because of a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c...

4.7CVSS6.3AI score
Exploits0References5
NVD
NVD
added 2020/02/25 5:15 p.m.57 views

CVE-2020-8793

OpenSMTPD before 6.6.4 allows local users to read arbitrary files e.g., on some Linux distributions because of a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c...

4.7CVSS5.5AI score0.009EPSS
Exploits4References5
OSV
OSV
added 2020/02/25 5:15 p.m.21 views

CVE-2020-8794

OpenSMTPD before 6.6.4 allows remote code execution because of an out-of-bounds read in mtaio in mtasession.c for multi-line replies. Although this vulnerability affects the client side of OpenSMTPD, it is possible to attack a server because the server code launches the client code during bounce...

9.8CVSS9.6AI score
Exploits0References11
Prion
Prion
added 2020/02/25 5:15 p.m.23 views

Race condition

OpenSMTPD before 6.6.4 allows local users to read arbitrary files e.g., on some Linux distributions because of a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c...

4.7CVSS4.8AI score0.009EPSS
Exploits4References5Affected Software3
UbuntuCve
UbuntuCve
added 2020/02/25 5:15 p.m.26 views

CVE-2020-8793

OpenSMTPD before 6.6.4 allows local users to read arbitrary files e.g., on some Linux distributions because of a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c...

4.7CVSS6AI score0.009EPSS
Exploits4References3
Prion
Prion
added 2020/02/25 5:15 p.m.23 views

Remote code execution

OpenSMTPD before 6.6.4 allows remote code execution because of an out-of-bounds read in mtaio in mtasession.c for multi-line replies. Although this vulnerability affects the client side of OpenSMTPD, it is possible to attack a server because the server code launches the client code during bounce...

10CVSS9.5AI score0.889EPSS
Exploits10References11Affected Software4
Rows per page
Query Builder