3 matches found
SUSE CVE-2011-0411
The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x before 2.5.12, 2.6.x before 2.6.9, and 2.7.x before 2.7.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is...
Dovecot: Busy master process, receiving a lot of SIGCHLD signals rapidly while logging, could die
Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service master process outage by simultaneously disconnecting many 1 IMAP or 2 POP3 sessions...
CVE-2003-1481
CommuniGate Pro 3.1 through 4.0.6 sends the session ID in the referer field for an HTTP request for an image, which allows remote attackers to hijack mail sessions via an e-mail with an IMG tag that references a malicious URL that captures the referer...