Exploit for Unrestricted Upload of File with Dangerous Type in Perfree Perfreeblog

Phân tích lỗ hổng CVE-2022-30333 – Path Traversal trong UnRAR...

OPENSUSE-SU-2024:10614-1 amavisd-new-2.12.1-3.2 on GA media

These are all security issues fixed in the amavisd-new-2.12.1-3.2 package on the GA media of openSUSE Tumbleweed...

Mageia: Security Advisory (MGASA-2024-0212)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2024-0212 Updated amavisd-new packages fix security vulnerability

Amavis before 2.12.3 and 2.13.x before 2.13.1, in part because of its use of MIME-tools, has an Interpretation Conflict relative to some mail user agents when there are multiple boundary parameters in a MIME email message. Consequently, there can be an incorrect check for banned files or malware...

Ubuntu: Security Advisory (USN-6790-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6790-1: amavisd-new vulnerability

It was discovered that amavisd-new incorrectly handled certain MIME email messages with multiple boundary parameters. A remote attacker could possibly use this issue to bypass checks for banned files or malware...

USN-6790-1 amavisd-new vulnerability

It was discovered that amavisd-new incorrectly handled certain MIME email messages with multiple boundary parameters. A remote attacker could possibly use this issue to bypass checks for banned files or malware...

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : amavisd-new vulnerability (USN-6790-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6790-1 advisory. It was discovered that amavisd-new incorrectly handled certain MIME email messages with multiple boundary parameters. A remote...

FreeBSD : amavisd-new -- multipart boundary confusion (0a48e552-e470-11ee-99b3-589cfc0f81b0)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 0a48e552-e470-11ee-99b3-589cfc0f81b0 advisory. - The Amavis project reports: Emails which consist of multiple parts Content-Type: multipart/ incorpora...

Zimbra Collaboration Server 9.0.0 < 9.0.0 Patch 27 Multiple Vulnerabilities

According to its self-reported version number, Zimbra Collaboration Server is affected by a multiple vulnerabilities: including the following: - An attacker can upload arbitrary files through amavisd via a cpio loophole that can lead to incorrect access to any other user accounts. CVE-2022-41352 ...

Zimbra Collaboration Server 8.8.15 < 8.8.15 Patch 34 Multiple Vulnerabilities

According to its self-reported version number, Zimbra Collaboration Server is affected by a multiple vulnerabilities: including the following: - An attacker can upload arbitrary files through amavisd via a cpio loophole that can lead to incorrect access to any other user accounts. CVE-2022-41352 ...

PT-2022-4906

Name of the Vulnerable Software and Affected Versions Zimbra Collaboration ZCS versions 8.8.15 and 9.0 Description An issue exists in Zimbra Collaboration ZCS that allows an attacker to upload arbitrary files through amavis via a cpio loophole. This loophole involves extracting files to the...

SUSE: Security Advisory (SUSE-SU-2019:0505-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OPENSUSE-SU-2019:0297-1 Security update for amavisd-new

This update for amavisd-new fixes the following issues: Security issue fixed: - CVE-2016-1238: Workedaround a perl vulnerability by removing a trailing dot element from @INC bsc987887. Other issues addressed: - update to version 2.11.1 bsc1123389. - amavis-services: bumping up syslog level from...

openSUSE Security Update : amavisd-new (openSUSE-2019-297)

This update for amavisd-new fixes the following issues : Security issue fixed : - CVE-2016-1238: Workedaround a perl vulnerability by removing a trailing dot element from @INCbsc987887. Other issues addressed : - update to version 2.11.1 bsc1123389. - amavis-services: bumping up syslog level from...

openSUSE: Security Advisory for amavisd-new (openSUSE-SU-2019:0297-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for amavisd-new (moderate)

openSUSE Security Update: Security update for amavisd-new Announcement ID: openSUSE-SU-2019:0297-1 Rating: moderate References: 1123389 987887 Cross-References: CVE-2016-1238 Affected Products: openSUSE Leap 15.0 An update that solves one vulnerability and has one errata is now available...

SUSE-SU-2019:0505-1 Security update for amavisd-new

This update for amavisd-new fixes the following issues: wmavisd-new was updated to version 2.11.1 bsc1123389: removed a trailing dot element from @INC, as a workaround for a perl vulnerability CVE-2016-1238 bsc987887 amavis-services: bumping up syslog level from LOGNOTICE to LOGERR for a message...

SUSE SLED15 / SLES15 Security Update : amavisd-new (SUSE-SU-2019:0505-1)

This update for amavisd-new fixes the following issues : wmavisd-new was updated to version 2.11.1 bsc1123389 : removed a trailing dot element from @INC, as a workaround for a perl vulnerability CVE-2016-1238 bsc987887 amavis-services: bumping up syslog level from LOGNOTICE to LOGERR for a messag...

MailZu 0.8RC3 Cross Site Scripting

Title: MailZu 0.8RC3 - Reflected Cross Site Scripting + Credits / Discovery: Nassim Asrir + Author Email: [email protected] + Author Company: Henceforth + Vendor: =============== https://sourceforge.net/ Product: =============== 0.8RC3 Download: ===========...