75 matches found
NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled
A flaw was found in NGINX, specifically within the ngxmailauthhttpmodule. When this module is enabled, and CRAM-MD5 or APOP authentication is active with an authentication server that permits retries, undisclosed requests can cause NGINX worker processes to terminate. This can lead to a Denial of...
NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled
A flaw was found in NGINX, specifically within the ngxmailauthhttpmodule. When this module is enabled, and CRAM-MD5 or APOP authentication is active with an authentication server that permits retries, undisclosed requests can cause NGINX worker processes to terminate. This can lead to a Denial of...
NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled
A flaw was found in NGINX, specifically within the ngxmailauthhttpmodule. When this module is enabled, and CRAM-MD5 or APOP authentication is active with an authentication server that permits retries, undisclosed requests can cause NGINX worker processes to terminate. This can lead to a Denial of...
NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled
A flaw was found in NGINX, specifically within the ngxmailauthhttpmodule. When this module is enabled, and CRAM-MD5 or APOP authentication is active with an authentication server that permits retries, undisclosed requests can cause NGINX worker processes to terminate. This can lead to a Denial of...
NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled
A flaw was found in NGINX, specifically within the ngxmailauthhttpmodule. When this module is enabled, and CRAM-MD5 or APOP authentication is active with an authentication server that permits retries, undisclosed requests can cause NGINX worker processes to terminate. This can lead to a Denial of...
BIT-NGINX-2026-27651 NGINX ngx_mail_auth_http_module vulnerability
When the ngxmailauthhttpmodule module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue may occur when 1 CRAM-MD5 or APOP authentication is enabled, and 2 the authentication server permits retry by returning the Auth-Wait...
EUVD-2026-14880
When the ngxmailauthhttpmodule module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue may occur when 1 CRAM-MD5 or APOP authentication is enabled, and 2 the authentication server permits retry by returning the Auth-Wait...
CVE-2026-27651
When the ngxmailauthhttpmodule module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue may occur when 1 CRAM-MD5 or APOP authentication is enabled, and 2 the authentication server permits retry by returning the Auth-Wait...
CVE-2026-27651
When the ngxmailauthhttpmodule module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue may occur when 1 CRAM-MD5 or APOP authentication is enabled, and 2 the authentication server permits retry by returning the Auth-Wait...
CVE-2026-27651 NGINX ngx_mail_auth_http_module vulnerability
When the ngxmailauthhttpmodule module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue may occur when 1 CRAM-MD5 or APOP authentication is enabled, and 2 the authentication server permits retry by returning the Auth-Wait...
K000160383: NGINX ngx_mail_auth_http_module vulnerability CVE-2026-27651
Security Advisory Description When the ngxmailauthhttpmodule module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue may occur when 1 CRAM-MD5 or APOP authentication is enabled, and 2 the authentication server permits retry by...
Linux Distros Unpatched Vulnerability : CVE-2026-27651
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When the ngxmailauthhttpmodule module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue ma...
EUVD-2006-2347
Malware in sbrugna...
Information Disclosure
fetchmail is vulnerable to information disclosure. A flaw was found in the way fetchmail processed certain APOP authentication requests. By sending certain responses when fetchmail attempted to authenticate against an APOP server, a remote attacker could potentially acquire certain portions of a...
Oracle Linux 5 : Moderate: / mutt (ELSA-2007-0386)
The remote Oracle Linux 5 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2007-0386 advisory. 5:1.4.1-12.0.3.el4 - fix overflow in gecos field handling 240176, CVE-2007-2683 5:1.4.1-12.0.2.el4 - buildrequire aspell 5:1.4.1-12.0.1.el4 - validate...
Oracle Linux 5 : Moderate: / evolution-data-server (ELSA-2007-0344)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2007-0344 advisory. 1.8.0-15.0.3.el5 - Add patch for RH bug 235289 APOP authentication vulnerability. 1.8.0-15.0.2.el5 - Remove Makefile.in changes that accidentally slipped into t...
Scientific Linux Security Update : mutt on SL5.x, SL4.x, SL3.x i386/x86_64
A flaw was found in the way Mutt used temporary files on NFS file systems. Due to an implementation issue in the NFS protocol, Mutt was not able to exclusively open a new file. A local attacker could conduct a time-dependent attack and possibly gain access to e-mail attachments opened by a victim...
Scientific Linux Security Update : evolution on SL4.x, SL3.x i386/x86_64
A flaw was found in the way Evolution processed certain APOP authentication requests. A remote attacker could potentially acquire certain portions of a user's authentication credentials by sending certain responses when evolution-data-server attempted to authenticate against an APOP server...
Scientific Linux Security Update : seamonkey on SL4.x, SL3.x i386/x86_64
Several flaws were found in the way SeaMonkey processed certain malformed JavaScript code. A web page containing malicious JavaScript code could cause SeaMonkey to crash or potentially execute arbitrary code as the user running SeaMonkey. CVE-2007-2867, CVE-2007-2868 A flaw was found in the way...
RedHat Security Advisory RHSA-2009:1140
The remote host is missing updates announced in advisory RHSA-2009:1140. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A flaw was found in the way the Ruby POP module processed certain APOP...