146 matches found
GLSA-202006-12 : GNU Mailutils: Privilege escalation
The remote host is affected by the vulnerability described in GLSA-202006-12 GNU Mailutils: Privilege escalation GNU Mailutils runs maidag by default with setuid root permissions. Impact : An attacker can use this to write to arbitrary files as root. Workaround : There is no known workaround at...
GNU Mailutils: Privilege escalation
Background The GNU Mailutils are a collection of mail-related utilities, including an IMAP4 server imap4d. Description GNU Mailutils runs maidag by default with setuid root permissions. Impact An attacker can use this to write to arbitrary files as root. Workaround There is no known workaround at...
GNU Mailutils 3.7 - Privilege Escalation Exploit
Exploit Title: GNU Mailutils 3.7 - Local Privilege Escalation Date: 2019-11-06 Exploit Author: Mike Gualtieri Vendor Homepage: https://mailutils.org/ Software Link: https://ftp.gnu.org/gnu/mailutils/mailutils-3.7.tar.gz Version: 2.0 = 3.7 Tested on: Gentoo CVE : CVE-2019-18862 Title : GNU Mailuti...
GNU Mailutils 3.7 Privilege Escalation
Exploit Title: GNU Mailutils 3.7 - Local Privilege Escalation Date: 2019-11-06 Exploit Author: Mike Gualtieri Vendor Homepage: https://mailutils.org/ Software Link: https://ftp.gnu.org/gnu/mailutils/mailutils-3.7.tar.gz Version: 2.0 = 3.7 Tested on: Gentoo CVE : CVE-2019-18862 Title : GNU Mailuti...
GNU Mailutils 3.7 - Privilege Escalation
GNU Mailutils 3.7 - Privilege Escalation Exploit Title: GNU Mailutils 3.7 - Local Privilege Escalation Date: 2019-11-06 Exploit Author: Mike Gualtieri Vendor Homepage: https://mailutils.org/ Software Link: https://ftp.gnu.org/gnu/mailutils/mailutils-3.7.tar.gz Version: 2.0 = 3.7 Tested on: Gentoo...
GNU Mailutils 3.7 - Privilege Escalation
Exploit Title: GNU Mailutils 3.7 - Local Privilege Escalation Date: 2019-11-06 Exploit Author: Mike Gualtieri Vendor Homepage: https://mailutils.org/ Software Link: https://ftp.gnu.org/gnu/mailutils/mailutils-3.7.tar.gz Version: 2.0 = 3.7 Tested on: Gentoo CVE : CVE-2019-18862 Title : GNU Mailuti...
CVE-2019-18862
maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode...
CVE-2019-18862
maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode...
DEBIAN-CVE-2019-18862
maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode...
Privilege escalation
maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode...
CVE-2019-18862
maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode...
UBUNTU-CVE-2019-18862
maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode...
CVE-2019-18862
GNU Mailutils: maidag (the url handler) is installed with setuid root prior to version 3.8, enabling local privilege escalation in url mode. Affected: GNU Mailutils 2.x–3.7. Impact/notes: escalation to root via manipulation of url parameter; exploitation details exist in public advisories and exp...
CVE-2019-18862
maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode...
CVE-2019-18862
maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode...
Unspecified Vulnerability in GNU Mailutils
GNU Mailutils is an email processing package from the GNU Project that supports library access to a wide range of mailboxes and protocols, as well as parsing messages, processing MIME messages, extensible Sieve filtering, and access control. A security vulnerability exists in maidag in versions o...
Emacs - movemail Privilege Escalation (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Emacs movemail Privilege Escalation', 'Description' = %q This module exploits a SUID installation of the Emacs movemail utility to run a command ...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in theuw-mailutils package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Send-Only Postfix Server
Postfix is an MTA Mail Transfer Agent, an application used to send and receive email. In this tutorial, we will install and configure Postfix so that it can be used to send emails by local applications only. Why would you want to do that? If you’re already using a third-party email provider for...
GNU Mailutils 0.6 Mail Email Header Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13766/info GNU Mailutils mail is affected by an email header buffer overflow vulnerability. The problem exists in the 'headergetfieldname' function of the 'mailbox/header.c' source file and manifests while the software is...