234 matches found
Explained: SMTP smuggling
SMTP smuggling is a technique that allows an attacker to send an email from pretty much any address they like. The intended goal is email spoofing—sending emails with false sender addresses. Email spoofing allows criminals to make malicious emails more believable. Let’s take a closer look at what...
SMTP Smuggling: New Flaw Lets Attackers Bypass Security and Spoof Emails
A new exploitation technique called Simple Mail Transfer Protocol SMTP smuggling can be weaponized by threat actors to send spoofed emails with fake sender addresses while bypassing security measures. "Threat actors could abuse vulnerable SMTP servers worldwide to send malicious emails from...
Exploit for Insufficient Verification of Data Authenticity in Postfix
CVE-2023-51764 Postfix SMTP Smuggling - Expect Script POC sen...
Debian dla-3680 : libopendkim-dev - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3680 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3680-1 [email protected] https://www.debian.org/lts/security/...
Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : OpenDMARC vulnerabilities (USN-6356-1)
The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6356-1 advisory. Jianjun Chen, Vern Paxson and Jian Jiang discovered that OpenDMARC incorrectly handled certain inputs. If a user or an automated...
[SECURITY] Fedora 37 Update: php-phpmailer6-6.8.1-1.fc37
PHPMailer - A full-featured email creation and transfer class for PHP Class Features Probably the world's most popular code for sending email from PHP! Used by many open-source projects: WordPress, Drupal, 1CRM, SugarCRM, Yii, Joomla! and many more Integrated SMTP support - send without a local...
[SECURITY] Fedora 38 Update: php-phpmailer6-6.8.1-1.fc38
PHPMailer - A full-featured email creation and transfer class for PHP Class Features Probably the world's most popular code for sending email from PHP! Used by many open-source projects: WordPress, Drupal, 1CRM, SugarCRM, Yii, Joomla! and many more Integrated SMTP support - send without a local...
Debian dla-3546 : libopendmarc-dev - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3546 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3546-1 [email protected] https://www.debian.org/lts/security/...
Debian dla-3509 : libmail-dkim-perl - security update
The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3509 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3509-1 [email protected] https://www.debian.org/lts/security/...
Debian: Security Advisory (DLA-3509-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3509-1] libmail-dkim-perl update
Debian LTS Advisory DLA-3509-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany July 27, 2023 https://wiki.debian.org/LTS Package : libmail-dkim-perl Version : 0.54-1+deb10u1 Debian Bug : 1039489 It was discovered that the domain check in libmail-dkim-perl, a Perl...
DLA-3509-1 libmail-dkim-perl - security update
Bulletin has no description...
CVE-2022-48521
An issue was discovered in OpenDKIM through 2.10.3, and 2.11.x through 2.11.0-Beta2. It fails to keep track of ordinal numbers when removing fake Authentication-Results header fields, which allows a remote attacker to craft an e-mail message with a fake sender address such that programs that rely...
Authentication flaw
An issue was discovered in OpenDKIM through 2.10.3, and 2.11.x through 2.11.0-Beta2. It fails to keep track of ordinal numbers when removing fake Authentication-Results header fields, which allows a remote attacker to craft an e-mail message with a fake sender address such that programs that rely...
CVE-2022-48521
An issue was discovered in OpenDKIM through 2.10.3, and 2.11.x through 2.11.0-Beta2. It fails to keep track of ordinal numbers when removing fake Authentication-Results header fields, which allows a remote attacker to craft an e-mail message with a fake sender address such that programs that rely...
UBUNTU-CVE-2022-48521
An issue was discovered in OpenDKIM through 2.10.3, and 2.11.x through 2.11.0-Beta2. It fails to keep track of ordinal numbers when removing fake Authentication-Results header fields, which allows a remote attacker to craft an e-mail message with a fake sender address such that programs that rely...
CVE-2022-48521
An issue was discovered in OpenDKIM through 2.10.3, and 2.11.x through 2.11.0-Beta2. It fails to keep track of ordinal numbers when removing fake Authentication-Results header fields, which allows a remote attacker to craft an e-mail message with a fake sender address such that programs that rely...
CVE-2022-48521
OpenDKIM CVE-2022-48521 affects OpenDKIM up to 2.10.3 and 2.11.x up to 2.11.0-Beta2. The issue: OpenDKIM fails to track ordinal numbers when removing fake Authentication-Results header fields, allowing a remote attacker to craft an email that appears to have a valid DKIM signature when it does no...
CVE-2022-48521
An issue was discovered in OpenDKIM through 2.10.3, and 2.11.x through 2.11.0-Beta2. It fails to keep track of ordinal numbers when removing fake Authentication-Results header fields, which allows a remote attacker to craft an e-mail message with a fake sender address such that programs that rely...
CVE-2022-48521
An issue was discovered in OpenDKIM through 2.10.3, and 2.11.x through 2.11.0-Beta2. It fails to keep track of ordinal numbers when removing fake Authentication-Results header fields, which allows a remote attacker to craft an e-mail message with a fake sender address such that programs that rely...