56 matches found
NewStart CGSL MAIN 7.02 : postfix Vulnerability (NS-SA-2025-0159)
The remote NewStart CGSL host, running version MAIN 7.02, has postfix packages installed that are affected by a vulnerability: - Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpddatarestrictions=rejectunauthpipelining and smtpddiscardehlokeywords=chunking or certain other...
The vulnerability of the Postfix mail server’s smtpd service allows attackers to circumvent security restrictions and carry out email substitution attacks (type of SMTP Smuggling attack).
The vulnerability of the Postfix mail server’s smtp daemon is related to insufficient verification of data authenticity when processing line endings other than . Exploiting this vulnerability allows a malicious actor to bypass security restrictions and replace emails a type of SMTP smuggling atta...
Fedora 38 : postfix (2024-5c186175f2)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-5c186175f2 advisory. Security fix for CVE-2023-51764. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
SUSE SLED15: postfix / postfix-bdb / postfix-bdb-lmdb / postfix-devel / etc (SUSE-SU-2023:4981-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4981-1 advisory. - CVE-2023-51764: Fixed new SMTP smuggling attack bsc1218304. Tenable has extracted the preceding...
AZL-32296 CVE-2023-51764 affecting package postfix for versions less than 3.7.0-3
Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpddatarestrictions=rejectunauthpipelining and smtpddiscardehlokeywords=chunking or certain other options that exist in recent versions. Remote attackers can use a published exploitation technique to inject e-mail messages with ...
The vulnerability in the postfix package of operating systems OpenSUSE Leap, SUSE Linux Enterprise Server for SAP Applications, Suse Linux Enterprise Server, and Suse Linux Enterprise Desktop allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability in the postfix package of operating systems OpenSUSE Leap, SUSE Linux Enterprise Server for SAP Applications, Suse Linux Enterprise Server, and Suse Linux Enterprise Desktop is related to an incorrect definition of links before accessing a file. Exploiting this vulnerability can...
SUSE CVE-2003-0540
The address parser code in Postfix 1.1.12 and earlier allows remote attackers to cause a denial of service lock via 1 a malformed envelope address to a local host that would generate a bounce and contains the ".!" string in the MAIL FROM or Errors-To headers, which causes nqmgr to lock up, or 2 v...
SUSE CVE-2008-2936
Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the operating system supports hard links to symlinks, allows local users to append e-mail messages to a file to which a root-owned symlink points, by creating a hard link to this symlink and then sending ...
SUSE CVE-2008-3889
Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux 2.6 kernel, leaks epoll file descriptors during execution of "non-Postfix" commands, which allows local users to cause a denial of service application slowdown or exit via a crafted command, as...
Information Disclosure
postfix is vulnerable to information disclosure. It was discovered that Postfix did not properly check the permissions of users' mailbox files. A local attacker able to create files in the mail spool directory could use this flaw to create mailbox files for other local users, and be able to read...
libdb: Reads DB_CONFIG from the current working directory
Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 might allow local users to gain privileges by leveraging undocumented functionality in Berkeley DB 2.x and later, related to reading settings from DBCONFIG in the current directory...
CVE-2017-10140
Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 might allow local users to gain privileges by leveraging undocumented functionality in Berkeley DB 2.x and later, related to reading settings from DBCONFIG in the current directory...
CVE-2011-1720
The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which allows remote attackers to cause a denial of service...
Ubuntu 7.10 / 8.04 LTS : postfix vulnerability (USN-642-1)
Wietse Venema discovered that Postfix leaked internal file descriptors when executing non-Postfix commands. A local attacker could exploit this to cause Postfix to run out of descriptors, leading to a denial of service. Note that Tenable Network Security has extracted the preceding description...
CVE-2008-4977
postfixgroups.pl in Postfix 2.5.2 allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/postfixgroups.stdout, 2 /tmp/postfixgroups.stderr, and 3 /tmp/postfixgroups.message temporary files. NOTE: the vendor disputes this vulnerability, stating "This is not a real issue...
Postfix 2.6-20080814 - symlink Local Privilege Escalation
Postfix 2.6-20080814 - symlink Local Privilege Escalation !/bin/sh "rspocfix.sh" PoC for Postfix local root vulnerability: CVE-2008-2936 by Roman Medina-Heigl Hernandez a.k.a. RoMaNSoFt Tested: Ubuntu / Debian Madrid, 30.Aug.2008 Config writabledir=/tmp spooldir=/var/mail Use "postconf...
CVE-2008-2936
Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the operating system supports hard links to symlinks, allows local users to append e-mail messages to a file to which a root-owned symlink points, by creating a hard link to this symlink and then sending ...
CVE-2008-2936
Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the operating system supports hard links to symlinks, allows local users to append e-mail messages to a file to which a root-owned symlink points, by creating a hard link to this symlink and then sending ...
CVE-2008-2937
Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user's account name...
CVE-2005-0337
Postfix 2.1.3, when /proc/net/ifinet6 is not available and permitmxbackup is enabled in smtpdrecipientrestrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname...