858 matches found
DTSA-155-1 postfix - local privilege escalation
Bulletin has no description...
SuSE 10 Security Update : Postfix (ZYPP Patch Number 5500)
A local privilege escalation vulnerability as well as a mailbox ownership problem has been fixed in postfix. CVE-2008-2936 / CVE-2008-2937 have been assigned to this problem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...
Security fix for the ALT Linux 5 package postfix version 1:2.4.8-alt1
Aug. 5, 2008 Dmitry V. Levin 1:2.4.8-alt1 - Updated to 2.4.8 fixes CVE-2008-2936...
GLD (Greylisting Daemon) Postfix Buffer Overflow
This module exploits a stack buffer overflow in the Salim Gasmi GLD 'GLD Greylisting Daemon Postfix Buffer Overflow', 'Description' = %q This module exploits a stack buffer overflow in the Salim Gasmi GLD 'aushack' , 'Arch' = ARCHX86, 'Platform' = 'linux', 'References' = 'CVE', '2005-1099' ,...
policyd-weight: Insecure temporary file creation
Background policyd-weight is a Perl policy daemon for the Postfix MTA intended to eliminate forged envelope senders and HELOs. Description Chris Howells reported that policyd-weight creates and uses the "/tmp/.policyd-weight/" directory in an insecure manner. Impact A local attacker could exploit...
FreeBSD : postfix-policyd-weight -- working directory symlink vulnerability (072a53e0-0397-11dd-bd06-0017319806e7)
postfix-policyd-weight does not check for symlink for its working directory. If the working directory is not already setup by the super root, an unprivileged user can link it to another directories in the system. This results in ownership/permission changes on the target directory. %NASLMINLEVEL...
Debian Security Advisory DSA 1531-1 (policyd-weight)
The remote host is missing an update to policyd-weight announced via advisory DSA 1531-1. OpenVAS Vulnerability Test $Id: deb15311.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1531-1 policyd-weight Authors: Thomas Reinke Copyright: Copyright c 2008 E-Sof...
Debian: Security Advisory (DSA-1531-2)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 1531-1 (policyd-weight)
The remote host is missing an update to policyd-weight announced via advisory DSA 1531-1. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
Debian DSA-1531-2 : policyd-weight - insecure temporary files
Chris Howells discovered that policyd-weight, a policy daemon for the Postfix mail transport agent, created its socket in an insecure way, which may be exploited to overwrite or remove arbitrary files from the local system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text...
[SECURITY] [DSA 1531-1] New policyd-weight packages fix insecure temporary files
------------------------------------------------------------------------ Debian Security Advisory DSA-1531-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst March 27, 2008 http://www.debian.org/security/faq -...
DSA-1531-2 policyd-weight - insecure temporary files
Bulletin has no description...
postfix-policyd-weight -- working directory symlink vulnerability
postfix-policyd-weight does not check for symlink for its working directory. If the working directory is not already setup by the super root, an unprivileged user can link it to another directories in the system. This results in ownership/permission changes on the target directory...
Gentoo ssl-cert eclass信息泄露漏洞
BUGTRAQ ID: 28350 CVECAN ID: CVE-2008-1383 Gentoo Linux是一套通用的、快捷的、完全免费的Linux版本,面向开发人员和专业网络人员。 Gentoo Linux的ssl-cert.eclass实现上存在漏洞,本地攻击者可能利用此漏洞非授权获取信息。...
Debian Security Advisory DSA 1361-1 (postfix-policyd)
The remote host is missing an update to postfix-policyd announced via advisory DSA 1361-1. OpenVAS Vulnerability Test $Id: deb13611.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1361-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 1042-1 (cyrus-sasl2)
The remote host is missing an update to cyrus-sasl2 announced via advisory DSA 1042-1. The Mu Security research team discovered a denial of service condition in the Simple Authentication and Security Layer authentication library SASL during DIGEST-MD5 negotiation. This potentially affects multipl...
Debian Security Advisory DSA 093-1 (postfix)
The remote host is missing an update to postfix announced via advisory DSA 093-1. OpenVAS Vulnerability Test $Id: deb0931.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 093-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 690-1 (bsmtpd)
The remote host is missing an update to bsmtpd announced via advisory DSA 690-1. OpenVAS Vulnerability Test $Id: deb6901.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 690-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 363-1 (postfix)
The remote host is missing an update to postfix announced via advisory DSA 363-1. OpenVAS Vulnerability Test $Id: deb3631.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 363-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 093-1 (postfix)
The remote host is missing an update to postfix announced via advisory DSA 093-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...