52 matches found
Use of a Broken or Risky Cryptographic Algorithm in Max Mazurov Maddy
A Broken or Risky Cryptographic Algorithm exists in Max Mazurov Maddy before 0.5.2, which is an unnecessary risk that may result in the exposure of sensitive information...
GHSA-5R5W-H76P-M726 Use of a Broken or Risky Cryptographic Algorithm in Max Mazurov Maddy
A Broken or Risky Cryptographic Algorithm exists in Max Mazurov Maddy before 0.5.2, which is an unnecessary risk that may result in the exposure of sensitive information...
Information Disclosure
github.com/foxcpp/maddy is vulnerable to information disclosure. The vulnerability exists in verify.go of auth.shadow module due to the presence of MD5 hashes which allows an attacker to gain access to sensitive information...
CVE-2021-42583
A Broken or Risky Cryptographic Algorithm exists in Max Mazurov Maddy before 0.5.2, which is an unnecessary risk that may result in the exposure of sensitive information...
CVE-2021-42583
A Broken or Risky Cryptographic Algorithm exists in Max Mazurov Maddy before 0.5.2, which is an unnecessary risk that may result in the exposure of sensitive information...
Design/Logic Flaw
A Broken or Risky Cryptographic Algorithm exists in Max Mazurov Maddy before 0.5.2, which is an unnecessary risk that may result in the exposure of sensitive information...
CVE-2021-42583
A Broken or Risky Cryptographic Algorithm exists in Max Mazurov Maddy before 0.5.2, which is an unnecessary risk that may result in the exposure of sensitive information...
CVE-2021-42583
Max Mazurov Maddy (github.com/foxcpp/maddy) is affected by a broken or risky cryptographic algorithm prior to version 0.5.2. The issue stems from the verify.go code-path in auth.shadow, where MD5-based hashing can lead to information disclosure. Multiple sources (CVE-2021-42583, GHSA-5R5W-H76P-M7...
Max Mazurov Maddy 加密问题漏洞
Max Mazurov Maddy is combinable all-in-one mail server. A security vulnerability exists in the previous version 0.5.2 of Max Mazurov Maddy, which stems from the disclosure of sensitive information in the application...
PT-2021-23641 · Max Mazurov · Maddy
Name of the Vulnerable Software and Affected Versions: Max Mazurov Maddy versions prior to 0.5.2 Description: The issue concerns the use of a broken or risky cryptographic algorithm, which poses an unnecessary risk that may result in the exposure of sensitive information. Recommendations: For...
MD5 hash support in github.com/foxcpp/maddy
Impact This vulnerability affects maddy 0.5.1, 0.5.0 users using auth.shadow module and an extremely outdated system that still allows MD5 hashes in /etc/shadows. Patches Patch is available as part of the 0.5.2 release. Workarounds Ensure MD5 hashes are not present in /etc/shadow...
GHSA-QH54-9VC5-M9FG MD5 hash support in github.com/foxcpp/maddy
Impact This vulnerability affects maddy 0.5.1, 0.5.0 users using auth.shadow module and an extremely outdated system that still allows MD5 hashes in /etc/shadows. Patches Patch is available as part of the 0.5.2 release. Workarounds Ensure MD5 hashes are not present in /etc/shadow...