45 matches found
CVE-2021-28374
The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. This may include a cleartext password in some configurations. In general, it includes the user's...
EUVD-2021-15057
Malware in sbrugna...
EUVD-2008-2375
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-28374
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowin...
SUSE CVE-2008-2380
SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query parameters containing apostrophes...
Debian: Security Advisory (DLA-2625-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-2625-1 : courier-authlib security update
The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. This may include a cleartext password in some configurations. In general, it includes the user's...
[SECURITY] [DLA 2625-1] courier-authlib security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2625-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta April 14, 2021 https://wiki.debian.org/LTS -...
DLA-2625-1 courier-authlib - security update
Bulletin has no description...
Information Disclosure
courier-authlib is vulnerable to information disclosure. The vulnerability exists due to a /run/courier/authdaemon directory with weak permissions...
CVE-2021-28374
The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. This may include a cleartext password in some configurations. In general, it includes the user's...
CVE-2021-28374
The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. This may include a cleartext password in some configurations. In general, it includes the user's...
CVE-2021-28374
The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. This may include a cleartext password in some configurations. In general, it includes the user's...
Design/Logic Flaw
The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. This may include a cleartext password in some configurations. In general, it includes the user's...
CVE-2021-28374
The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. This may include a cleartext password in some configurations. In general, it includes the user's...
CVE-2021-28374
The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. This may include a cleartext password in some configurations. In general, it includes the user's...
CVE-2021-28374
The CVE-2021-28374 issue affects the Debian courier-authlib package prior to 0.71.1-2 for Courier Authentication Library, which creates /run/courier/authdaemon with weak permissions, enabling an attacker to read user information (potentially including a cleartext password hash). The vulnerability...
Mandriva Linux Security Advisory : courier-authlib (MDVSA-2013:068)
When using the authpgsql module and if the Postgres server goes down, authpgsql will start leaking memory. A packaging flaw was discovered that caused the courier-authlib-devel package to be installed when installing for example maildrop. This update fixes both of these issues. %NASLMINLEVEL 7030...
openSUSE Security Update : courier-authlib (courier-authlib-370)
Insufficient quoting allowed attackers to inject SQL statements when using the pgsql backend CVE-2008-2380. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update courier-authlib-370. The text...
openSUSE Security Update : courier-authlib (courier-authlib-391)
Insufficient quoting allowed attackers to inject SQL statements when using the pgsql backend CVE-2008-2380. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update courier-authlib-391. The text...