Active Directory Integration < 4.1.10 - Unauthenticated Log Disclosure

Description The plugin stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains accessible to any users knowing the URL to do so. This requires the plugin's Log Authentication Requests setting to be set...

Cobalt Raq3 PopRelayD - Arbitrary SMTP Relay

Cobalt Raq3 PopRelayD - Arbitrary SMTP Relay source: https://www.securityfocus.com/bid/2986/info poprelayd is a script that parses /var/log/maillog for valid pop logins, and based upon the login of a client, allows the person logged into the pop3 service to also send email from the ip address...