MiracleLinux 4 : python-2.6.6-20.AXS4 (AXSA:2011-587:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-587:02 advisory. Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules,...

MiracleLinux 3 : python-2.4.3-44.0.1.AXS3 (AXSA:2011-183:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-183:01 advisory. Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules,...

EUVD-2000-0157

Malware in sbrugna...

SUSE-SU-2025:03271-2 Security update for busybox, busybox-links

This update for busybox, busybox-links fixes the following issues: Updated to version 1.37.0 jscPED-13039: - CVE-2023-42363: Fixed use-after-free vulnerability in xasprintf function in xfuncsprintf.c bsc1217580 - CVE-2023-42364: Fixed use-after-free in the awk.c evaluate function bsc1217584 -...

Security update for busybox, busybox-links

This update for busybox, busybox-links fixes the following issues: Updated to version 1.37.0 jscPED-13039: CVE-2023-42363: Fixed use-after-free vulnerability in xasprintf function in xfuncsprintf.c bsc1217580 CVE-2023-42364: Fixed use-after-free in the awk.c evaluate function bsc1217584...

Security update for busybox, busybox-links

This update for busybox, busybox-links fixes the following issues: Updated to version 1.37.0 jscPED-13039: - CVE-2023-42363: Fixed use-after-free vulnerability in xasprintf function in xfuncsprintf.c bsc1217580 - CVE-2023-42364: Fixed use-after-free in the awk.c evaluate function bsc1217584 -...

SUSE CVE-2025-31135

Go-Guerrilla SMTP Daemon is a lightweight SMTP server written in Go. Prior to 1.6.7, when ProxyOn is enabled, the PROXY command will be accepted multiple times, with later invocations overriding earlier ones. The proxy protocol only supports one initial PROXY header; anything after that is...

GO-2025-3588 Go-Guerrilla SMTP Daemon allows the PROXY command to be sent multiple times in github.com/phires/go-guerrilla

Go-Guerrilla SMTP Daemon allows the PROXY command to be sent multiple times in github.com/phires/go-guerrilla...

Go-Guerrilla SMTP Daemon allows the PROXY command to be sent multiple times

Summary The PROXY command is accepted multiple times, allowing a client to spoof its IP address when the proxy protocol is being used. Details When ProxyOn is enabled, it looks like the PROXY command will be accepted multiple times, with later invocations overriding earlier ones. The proxy protoc...

CVE-2025-31135

CVE-2025-31135 affects Go-Guerrilla SMTP Daemon. Before version 1.6.7, when ProxyOn is enabled, the PROXY command may be accepted multiple times, with later invocations overriding earlier ones. The proxy protocol supports only a single initial PROXY header; subsequent PROXY commands are treated a...

CVE-2025-31135 Go-Guerrilla SMTP Daemon allows the PROXY command to be sent multiple times

Go-Guerrilla SMTP Daemon is a lightweight SMTP server written in Go. Prior to 1.6.7, when ProxyOn is enabled, the PROXY command will be accepted multiple times, with later invocations overriding earlier ones. The proxy protocol only supports one initial PROXY header; anything after that is...

PT-2025-14443

Name of the Vulnerable Software and Affected Versions Go-Guerrilla SMTP Daemon versions prior to 1.6.7 Description The issue allows a client to spoof its IP address when the proxy protocol is being used. This occurs because the PROXY command is accepted multiple times, with later invocations...

UBUNTU-CVE-2023-29323

asciiloadsockaddr in smtpd in OpenBSD before 7.1 errata 024 and 7.2 before errata 020, and OpenSMTPD Portable before 7.0.0-portable commit f748277, can abort upon a connection from a local, scoped IPv6 address...

SUSE CVE-2017-16944

The receivemsg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service infinite loop and stack exhaustion via vectors involving BDAT commands and an improper check for a '.' character signifying the end of the content, related to the...

USN-4875-1 opensmtpd vulnerabilities

It was discovered that OpenSMTPD incorrectly verified the sender's or receiver's e-mail addresses under certain conditions. An attacker could possibly use this vulnerability to execute arbitrary commands as root. CVE-2020-7247 It was discovered that OpenSMTPD did not properly handle hardlinks und...

CVE-2017-16943

The receivemsg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of service use-after-free via vectors involving BDAT commands. Mitigation if you are running Exim 4.88 or newer, then in the main section of your Exim...

Amazon Linux AMI : exim (ALAS-2017-932)

Use-after-free in receivemsg function via vectors involving BDAT commands The receivemsg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of service use-after-free via vectors involving BDAT commands. CVE-2017-16943...

[ASA-201711-32] exim: multiple issues

Arch Linux Security Advisory ASA-201711-32 ========================================== Severity: Critical Date : 2017-11-30 CVE-ID : CVE-2017-1000369 CVE-2017-10140 CVE-2017-16943 CVE-2017-16944 Package : exim Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-518 Summar...

CVE-2017-16944

The receivemsg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service infinite loop and stack exhaustion via vectors involving BDAT commands and an improper check for a '.' character signifying the end of the content, related to the...

Exim Denial of Service Vulnerability

Exim is an open source messaging agent MTA developed by the University of Cambridge in the UK that runs on Unix systems and is responsible for routing, forwarding and delivering mail. A security vulnerability exists in the 'receivemsg' function of the receive.c file of the SMTP daemon in Exim...