Lucene search
K

67 matches found

OpenVAS
OpenVAS
added 2009/02/17 12:0 a.m.9 views

Fedora Update for dbmail FEDORA-2008-3371

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.8CVSS6.7AI score0.02389EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2009/02/17 12:0 a.m.8 views

Fedora Update for dbmail FEDORA-2008-3333

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.8CVSS6.7AI score0.02389EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2009/02/17 12:0 a.m.10 views

Fedora Update for dbmail FEDORA-2008-4245

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.8CVSS6.7AI score0.02389EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.17 views

Gentoo Security Advisory GLSA 200804-24 (dbmail)

The remote host is missing updates announced in advisory GLSA 200804-24. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

6.8CVSS0.1AI score0.02389EPSS
Exploits1
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.10 views

Gentoo Security Advisory GLSA 200804-24 (dbmail)

The remote host is missing updates announced in advisory GLSA 200804-24. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.7AI score0.02389EPSS
Exploits1References2
Fedora
Fedora
added 2008/07/26 6:7 a.m.41 views

[SECURITY] Fedora 9 Update: dbmail-2.2.9-1.fc9

Dbmail is the name of a group of programs that enable the possiblilty of storing and retrieving mail messages from a database. Currently dbmail supports the following database backends: MySQL PostgreSQL SQLite Please see /usr/share/doc/dbmail-/README.fedora for specific information on installatio...

6.8CVSS2.1AI score0.02389EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2008/05/22 12:0 a.m.15 views

Fedora 9 : dbmail-2.2.9-1.fc9 (2008-4245)

Thu Apr 24 2008 Bernard Johnson - 2.2.9-1 - v 2.2.9 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

6.8CVSS5.3AI score0.02389EPSS
Exploits1References4
Fedora
Fedora
added 2008/05/21 11:4 a.m.56 views

[SECURITY] Fedora 9 Update: dbmail-2.2.9-1.fc9

Dbmail is the name of a group of programs that enable the possiblilty of storing and retrieving mail messages from a database. Currently dbmail supports the following database backends: MySQL PostgreSQL SQLite Please see /usr/share/doc/dbmail-/README.fedora for specific information on installatio...

6.8CVSS2.1AI score0.02389EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2008/05/01 12:0 a.m.18 views

Fedora 7 : dbmail-2.2.9-1.fc7 (2008-3371)

Fix possible authentication bypass in authldap authentication module when dbmail is used with LDAP servers allowing anonymous logins - CVE-2007-6714 443019. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...

6.8CVSS5.5AI score0.02389EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2008/05/01 12:0 a.m.19 views

Fedora 8 : dbmail-2.2.9-1.fc8 (2008-3333)

Fix possible authentication bypass in authldap authentication module when dbmail is used with LDAP servers allowing anonymous logins - CVE-2007-6714 443019. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...

6.8CVSS5.5AI score0.02389EPSS
Exploits1References3
Fedora
Fedora
added 2008/04/29 8:57 p.m.57 views

[SECURITY] Fedora 7 Update: dbmail-2.2.9-1.fc7

Dbmail is the name of a group of programs that enable the possiblilty of storing and retrieving mail messages from a database. Currently dbmail supports the following database backends: MySQL PostgreSQL SQLite Please see /usr/share/doc/dbmail-/README.fedora for specific information on installatio...

6.8CVSS2.1AI score0.02389EPSS
Exploits1
Fedora
Fedora
added 2008/04/29 8:53 p.m.20 views

[SECURITY] Fedora 8 Update: dbmail-2.2.9-1.fc8

Dbmail is the name of a group of programs that enable the possiblilty of storing and retrieving mail messages from a database. Currently dbmail supports the following database backends: MySQL PostgreSQL SQLite Please see /usr/share/doc/dbmail-/README.fedora for specific information on installatio...

6.8CVSS2.1AI score0.02389EPSS
Exploits1
seebug.org
seebug.org
added 2008/04/23 12:0 a.m.44 views

DBMail空LDAP口令绕过认证漏洞

BUGTRAQ ID: 28849 CVECAN ID: CVE-2007-6714 Dbmail是一个程序集,允许从数据库检索和存储邮件,可使用MySQL、PostgreSQL和SQLite作为数据库后端。 Dbmail的认证过程存在安全漏洞,如果启用了authldap模块且LDAP服务器允许匿名登录,则任何用户都可以使用空口令字符串登录到任意帐号。 h000 telnet localhost 143 Trying 127.0.0.1... Connected to localhost. Escape character is '^'. OK dbmail imap protocol...

6.8CVSS6.3AI score0.02389EPSS
Exploits1
securityvulns
securityvulns
added 2008/04/22 12:0 a.m.55 views

[ GLSA 200804-24 ] DBmail: Data disclosure

Gentoo Linux Security Advisory GLSA 200804-24 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

6.8CVSS6.7AI score0.02389EPSS
Exploits1
securityvulns
securityvulns
added 2008/04/22 12:0 a.m.47 views

DBMail unauthorized access

It's possible to access any account without password if authldap is used...

6.8CVSS2.8AI score0.02389EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2008/04/22 12:0 a.m.14 views

GLSA-200804-24 : DBmail: Data disclosure

The remote host is affected by the vulnerability described in GLSA-200804-24 DBmail: Data disclosure A vulnerability in DBMail's authldap module when used in conjunction with an Active Directory server has been reported by vugluskr. When passing a zero length password to the module, it tries to...

6.8CVSS5.5AI score0.02389EPSS
Exploits1References2
Gentoo Linux
Gentoo Linux
added 2008/04/18 12:0 a.m.18 views

DBmail: Data disclosure

Background DBMail is a mail storage and retrieval daemon that uses SQL databases as its data store. IMAP and POP3 can be used to retrieve mails from the database. Description A vulnerability in DBMail's authldap module when used in conjunction with an Active Directory server has been reported by...

6.8CVSS6.9AI score0.02389EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2008/04/17 10:5 p.m.16 views

CVE-2007-6714

DBMail before 2.2.9, when using authldap with an LDAP server that supports anonymous login such as Active Directory, allows remote attackers to bypass authentication via an empty password, which causes the LDAP bind to indicate success based on anonymous authentication...

6.8CVSS5.9AI score0.02389EPSS
Exploits1References1
NVD
NVD
added 2008/04/17 10:5 p.m.9 views

CVE-2007-6714

DBMail before 2.2.9, when using authldap with an LDAP server that supports anonymous login such as Active Directory, allows remote attackers to bypass authentication via an empty password, which causes the LDAP bind to indicate success based on anonymous authentication...

6.8CVSS6.8AI score0.02389EPSS
Exploits1References13
Prion
Prion
added 2008/04/17 10:5 p.m.8 views

Authentication flaw

DBMail before 2.2.9, when using authldap with an LDAP server that supports anonymous login such as Active Directory, allows remote attackers to bypass authentication via an empty password, which causes the LDAP bind to indicate success based on anonymous authentication...

6.8CVSS6.8AI score0.02389EPSS
Exploits1References13Affected Software1
Rows per page
Query Builder