858 matches found
OpenSSL 1.1.0 - Remote Client Denial of Service
OpenSSL 1.1.0 - Remote Client Denial of Service // Source: https://guidovranken.wordpress.com/2017/01/26/cve-2017-3730-openssl-1-1-0-remote-client-denial-of-service-affects-servers-as-well-poc/ / SSL server demonstration program Copyright C 2006-2015, ARM Limited, All Rights Reserved...
Postfix Admin Cross-Site Request Forgery Vulnerability
Postfix Admin is a web-based administration tool for Postfix mail delivery servers. Postfix Admin provides different configuration operations via HTTP GET and HTTP POST, these GET and POST operations cause CSRF attacks. Attackers are able to gain access to the administrator session and add...
Postfix Admin 2.93 Cross Site Request Forgery
RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Postfix Admin Vendor URL: sourceforge.net/projects/postfixadmin/ Type: Cross-Site Request Forgery CWE-253 Date found: 2016-04-23 Date published: 2016-05-21 CVSSv3 Score: 4.6...
OpenSSL CVE-2 0 1 6-0 8 0 0 and CVE-2 0 1 6-0 7 0 3 bug fixes the details of pick-up fun-vulnerability warning-the black bar safety net
Details 3 6 0 including a portion of the information security practice of course, the“3 6 0 Information Security Department”progressively adhering to best security practices in the https and other ssl fields gradually made significant changes. Such as important system to prohibit unsafe cipher...
Postfix SMTP Server Detection (SMTP)
SMTP based detection of Postfix. SPDX-FileCopyrightText: 2016 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.111086";...
CVE-2008-4977
postfixgroups.pl in Postfix 2.5.2 allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/postfixgroups.stdout, 2 /tmp/postfixgroups.stderr, and 3 /tmp/postfixgroups.message temporary files. NOTE: the vendor disputes this vulnerability, stating "This is not a real issue...
Oracle: Security Advisory (ELSA-2008-0839)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2011-0843)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2011-0422)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2011-0423)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mac OS X : OS X Server < 4.1 Multiple Vulnerabilities (POODLE)
The remote Mac OS X host has a version of OS X Server installed that is prior 4.1. It is, therefore, affected by vulnerabilities in the following components : - Dovecot - Firewall - Postfix - Wiki Server C Tenable Network Security, Inc. include'compat.inc'; if description scriptid83088;...
Send-Only Postfix Server
Postfix is an MTA Mail Transfer Agent, an application used to send and receive email. In this tutorial, we will install and configure Postfix so that it can be used to send emails by local applications only. Why would you want to do that? If you’re already using a third-party email provider for...
FreeBSD : mailman -- path traversal vulnerability (a5f160fa-deee-11e4-99f8-080027ef73ec)
Mark Sapiro reports : A path traversal vulnerability has been discovered and fixed. This vulnerability is only exploitable by a local user on a Mailman server where the suggested Exim transport, the Postfix postfixtomailman.py transport or some other programmatic MTA delivery not using aliases is...
Debian DLA-186-1 : mailman security update
A path traversal vulnerability was discovered in Mailman, the mailing list manager. Installations using a transport script such as postfix-to-mailman.py to interface with their MTA instead of static aliases were vulnerable to a path traversal attack. To successfully exploit this, an attacker need...
[SECURITY] [DLA 186-1] mailman security update
Package : mailman Version : 1:2.1.13-6 CVE ID : CVE-2015-2775 Debian Bug : 781626 A path traversal vulnerability was discovered in Mailman, the mailing list manager. Installations using a transport script such as postfix-to-mailman.py to interface with their MTA instead of static aliases were...
[SECURITY] [DSA 3214-1] mailman security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3214-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst April 06, 2015 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 3214-1 (mailman - security update)
A path traversal vulnerability was discovered in Mailman, the mailing list manager. Installations using a transport script such as postfix-to-mailman.py to interface with their MTA instead of static aliases were vulnerable to a path traversal attack. To successfully exploit this, an attacker need...
DLA-186-1 mailman - security update
Bulletin has no description...
DSA-3214-1 mailman - security update
Bulletin has no description...
Debian: Security Advisory (DSA-3214-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...