67 matches found
Fedora Update for dbmail FEDORA-2008-3371
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for dbmail FEDORA-2008-3333
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for dbmail FEDORA-2008-4245
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Gentoo Security Advisory GLSA 200804-24 (dbmail)
The remote host is missing updates announced in advisory GLSA 200804-24. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200804-24 (dbmail)
The remote host is missing updates announced in advisory GLSA 200804-24. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 9 Update: dbmail-2.2.9-1.fc9
Dbmail is the name of a group of programs that enable the possiblilty of storing and retrieving mail messages from a database. Currently dbmail supports the following database backends: MySQL PostgreSQL SQLite Please see /usr/share/doc/dbmail-/README.fedora for specific information on installatio...
Fedora 9 : dbmail-2.2.9-1.fc9 (2008-4245)
Thu Apr 24 2008 Bernard Johnson - 2.2.9-1 - v 2.2.9 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
[SECURITY] Fedora 9 Update: dbmail-2.2.9-1.fc9
Dbmail is the name of a group of programs that enable the possiblilty of storing and retrieving mail messages from a database. Currently dbmail supports the following database backends: MySQL PostgreSQL SQLite Please see /usr/share/doc/dbmail-/README.fedora for specific information on installatio...
Fedora 7 : dbmail-2.2.9-1.fc7 (2008-3371)
Fix possible authentication bypass in authldap authentication module when dbmail is used with LDAP servers allowing anonymous logins - CVE-2007-6714 443019. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...
Fedora 8 : dbmail-2.2.9-1.fc8 (2008-3333)
Fix possible authentication bypass in authldap authentication module when dbmail is used with LDAP servers allowing anonymous logins - CVE-2007-6714 443019. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...
[SECURITY] Fedora 7 Update: dbmail-2.2.9-1.fc7
Dbmail is the name of a group of programs that enable the possiblilty of storing and retrieving mail messages from a database. Currently dbmail supports the following database backends: MySQL PostgreSQL SQLite Please see /usr/share/doc/dbmail-/README.fedora for specific information on installatio...
[SECURITY] Fedora 8 Update: dbmail-2.2.9-1.fc8
Dbmail is the name of a group of programs that enable the possiblilty of storing and retrieving mail messages from a database. Currently dbmail supports the following database backends: MySQL PostgreSQL SQLite Please see /usr/share/doc/dbmail-/README.fedora for specific information on installatio...
DBMail空LDAP口令绕过认证漏洞
BUGTRAQ ID: 28849 CVECAN ID: CVE-2007-6714 Dbmail是一个程序集,允许从数据库检索和存储邮件,可使用MySQL、PostgreSQL和SQLite作为数据库后端。 Dbmail的认证过程存在安全漏洞,如果启用了authldap模块且LDAP服务器允许匿名登录,则任何用户都可以使用空口令字符串登录到任意帐号。 h000 telnet localhost 143 Trying 127.0.0.1... Connected to localhost. Escape character is '^'. OK dbmail imap protocol...
[ GLSA 200804-24 ] DBmail: Data disclosure
Gentoo Linux Security Advisory GLSA 200804-24 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...
DBMail unauthorized access
It's possible to access any account without password if authldap is used...
GLSA-200804-24 : DBmail: Data disclosure
The remote host is affected by the vulnerability described in GLSA-200804-24 DBmail: Data disclosure A vulnerability in DBMail's authldap module when used in conjunction with an Active Directory server has been reported by vugluskr. When passing a zero length password to the module, it tries to...
DBmail: Data disclosure
Background DBMail is a mail storage and retrieval daemon that uses SQL databases as its data store. IMAP and POP3 can be used to retrieve mails from the database. Description A vulnerability in DBMail's authldap module when used in conjunction with an Active Directory server has been reported by...
CVE-2007-6714
DBMail before 2.2.9, when using authldap with an LDAP server that supports anonymous login such as Active Directory, allows remote attackers to bypass authentication via an empty password, which causes the LDAP bind to indicate success based on anonymous authentication...
CVE-2007-6714
DBMail before 2.2.9, when using authldap with an LDAP server that supports anonymous login such as Active Directory, allows remote attackers to bypass authentication via an empty password, which causes the LDAP bind to indicate success based on anonymous authentication...
Authentication flaw
DBMail before 2.2.9, when using authldap with an LDAP server that supports anonymous login such as Active Directory, allows remote attackers to bypass authentication via an empty password, which causes the LDAP bind to indicate success based on anonymous authentication...