170 matches found
Microsoft Exchange ProxyLogon Collector
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework begin auxiliary class class MetasploitModule 'Microsoft Exchange ProxyLogon Collector', 'Description' = %q This module exploit a vulnerability on Microsoft Exchange Serv...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Exim vulnerability (USN-6939-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6939-1 advisory. Phillip Szelat discovered that Exim misparses multiline MIME header filenames. A remote attacker could use this...
CVE-2024-39929
Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mimefilename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users...
CVE-2024-39929
Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mimefilename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users...
Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies
Microsoft has expanded free logging capabilities to all U.S. federal agencies using Microsoft Purview Audit irrespective of the license tier, more than six months after a China-linked cyber espionage campaign targeting two dozen organizations came to light. "Microsoft will automatically enable th...
CVE-2023-43102
An issue was discovered in Zimbra Collaboration ZCS before 10.0.4. An XSS issue can be exploited to access the mailbox of an authenticated user. This is also fixed in 8.8.15 Patch 43 and 9.0.0 Patch 36...
Microsoft Warns of Kremlin-Backed APT28 Exploiting Critical Outlook Vulnerability
Microsoft on Monday said it detected Kremlin-backed nation-state activity exploiting a now-patched critical security flaw in its Outlook email service to gain unauthorized access to victims' accounts within Exchange servers. The tech giant attributed the intrusions to a threat actor it called...
New PowerExchange Backdoor Used in Iranian Cyber Attack on UAE Government
An unnamed government entity associated with the United Arab Emirates U.A.E. was targeted by a likely Iranian threat actor to breach the victim's Microsoft Exchange Server with a "simple yet effective" backdoor dubbed PowerExchange. According to a new report from Fortinet FortiGuard Labs, the...
SUSE CVE-2007-2231
Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped .gz mailboxes mbox files via a .. dot dot sequence in the mailbox name...
SUSE CVE-2010-3304
The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs...
SUSE CVE-2018-14357
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with an automatic subscription...
[SECURITY] Fedora 37 Update: libetpan-1.9.4-9.fc37
The purpose of this mail library is to provide a portable, efficient middle-w are for different kinds of mail access. When using the drivers interface, the interface is the same for all kinds of mail access, remote and local mailboxe s...
ProxyToken: Another nail-biter from Microsoft Exchange
Had I known this season of Microsoft Exchange was going to be so long Id have binge watched. Does anyone know how many episodes there are? Sarcasm aside, while ProxyToken may seem like yet another episode of 2021s longest running show, that doesn’t make it any less serious, or any less...
CVE-2021-33766 ProxyToken
Microsoft Exchange Server Information Disclosure Vulnerability Recent assessments: NinjaOperator at August 30, 2021 4:59pm UTC reported: An unauthenticated actor can perform configuration actions on mailboxes belonging to arbitrary users. Which can be used to copy all emails addressed to a target...
Microsoft Disrupts Large, Cloud-Based BEC Campaign
Threat hunters at Microsoft recently uncovered and disrupted infrastructure that powered a large-scale business email compromise BEC campaign. The infrastructure was hosted on multiple cloud platforms, which allowed it to stay under the radar for quite some time. “The attackers performed discrete...
Behind the scenes of business email compromise: Using cross-domain threat data to disrupt a large BEC campaign
Microsoft 365 Defender researchers recently uncovered and disrupted a large-scale business email compromise BEC infrastructure hosted in multiple web services. Attackers used this cloud-based infrastructure to compromise mailboxes via phishing and add forwarding rules, enabling these attackers to...
Microsoft Exchange 2019 - Unauthenticated Email Download Exploit
Exploit Title: Microsoft Exchange 2019 - Unauthenticated Email Download Exploit Author: Gonzalo Villegas a.k.a Cl34r Vendor Homepage: https://www.microsoft.com/ Version: OWA Exchange 2013 - 2019 Tested on: OWA 2016 CVE : CVE-2021-26855 Details: checking users mailboxes and automated downloads of...
Samsung Email 信息泄露漏洞
Samsung Email application is a cell phone application from Samsung South Korea. It provides the function of sending and receiving e-mail. A security vulnerability exists in Samsung Email versions prior to 6.1.41.0, which originates from leaking messages in certain mailboxes in clear text. No...
Windows Gather Exchange Server Mailboxes
This module will gather information from an on-premise Exchange Server running on the target machine. Two actions are supported: LIST default action: List basic information about all Exchange servers and mailboxes hosted on the target. EXPORT: Export and download a chosen mailbox in the form of a...
CentOS 8 : cyrus-imapd (CESA-2020:4655)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4655 advisory. - cyrus-imapd: privilege escalation in HTTP request CVE-2019-18928 - cyrus-imapd: lmtpd component created mailboxes with administrator privileges if th...