CVE-2024-28054

Amavis before 2.12.3 and 2.13.x before 2.13.1, in part because of its use of MIME-tools, has an Interpretation Conflict relative to some mail user agents when there are multiple boundary parameters in a MIME email message. Consequently, there can be an incorrect check for banned files or malware...

ROS-20240611-03

A vulnerability in the MIME-tools component of the open-source content filter for Amavis email is related to an interpretation conflict when a MIME email message has multiple boundary parameters. Exploitation of the vulnerability could allow an attacker acting remotely to elevate the privileges...

Mageia: Security Advisory (MGASA-2024-0212)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated amavisd-new packages fix security vulnerability

Amavis before 2.12.3 and 2.13.x before 2.13.1, in part because of its use of MIME-tools, has an Interpretation Conflict relative to some mail user agents when there are multiple boundary parameters in a MIME email message. Consequently, there can be an incorrect check for banned files or malware...

Fedora 40 : amavis (2024-8bbcae6af2)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-8bbcae6af2 advisory. Update to version 2.13.1 Fix CVE-2024-28054 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...

Fedora 39 : amavis (2024-3cf9eb64ba)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-3cf9eb64ba advisory. Update to version 2.13.1 Fix CVE-2024-28054 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...

DEBIAN-CVE-2024-28054

Amavis before 2.12.3 and 2.13.x before 2.13.1, in part because of its use of MIME-tools, has an Interpretation Conflict relative to some mail user agents when there are multiple boundary parameters in a MIME email message. Consequently, there can be an incorrect check for banned files or malware...

CVE-2024-28054

Amavis before 2.12.3 and 2.13.x before 2.13.1, in part because of its use of MIME-tools, has an Interpretation Conflict relative to some mail user agents when there are multiple boundary parameters in a MIME email message. Consequently, there can be an incorrect check for banned files or malware...

CVE-2024-28054

The CVE-2024-28054 issue affects amavisd-new (Amavis) before 2.12.3 and 2.13.x before 2.13.1, caused by MIME-tools usage leading to an Interpretation Conflict when multiple MIME boundary parameters are present. This can result in an incorrect check for banned files or malware, depending on mail u...

CVE-2024-28054

Amavis before 2.12.3 and 2.13.x before 2.13.1, in part because of its use of MIME-tools, has an Interpretation Conflict relative to some mail user agents when there are multiple boundary parameters in a MIME email message. Consequently, there can be an incorrect check for banned files or malware...

Heap Overflow Vulnerability in Notepad++ MIME Tools Plugin 2.1 memove Function

Notepad++ is a free plain text editor. A heap overflow vulnerability exists in the Notepad++ MIME Tools Plugin 2.1 memove function, which can be exploited by a remote attacker to construct a special text file that can be tricked into parsing by the application, which can crash the application...

SLES9: Security update for perl-MIME-tools

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: perl-MIME-tools More details may also be found by searching for keyword 5011542 within the SuSE Enterprise Server 9 patch database at...

SLES9: Security update for perl-MIME-tools

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: perl-MIME-tools More details may also be found by searching for keyword 5011542 within the SuSE Enterprise Server 9 patch database linked in the references...

SuSE9 Security Update : perl-MIME-tools (YOU Patch Number 9460)

A bug when parsing empty MIME boundaries was fixed that allowed a mail virus to slip through virus scanners undetected. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

Gentoo Security Advisory GLSA 200411-06 (MIME-tools)

The remote host is missing updates announced in advisory GLSA 200411-06. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200411-06 (MIME-tools)

The remote host is missing updates announced in advisory GLSA 200411-06. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MIME-tools 5.411 (Entity 5.404)

Reported by Freeprotect.NET member ------------------------------------------------ Singapore Gallery is open source code, it is nice and easy to use. It is provided by http://www.sgal.org However it contain an error: http://site.ext/index.php?gallery=./index.php Warning:...

MIME-tools 5.411 (Entity 5.404)

a xss attack is possible in index.php http://127.0.01/myphp/index.php?lang="scriptalert1337/script...

GLSA-200411-06 : MIME-tools: Virus detection evasion

The remote host is affected by the vulnerability described in GLSA-200411-06 MIME-tools: Virus detection evasion MIME-tools doesn't correctly parse attachment boundaries with an empty name boundary=''. Impact : An attacker could send a carefully crafted email and evade detection on some email...

MIME-tools: Virus detection evasion

Background MIME-tools is a Perl module containing functions to handle MIME attachments. Description MIME-tools doesn't correctly parse attachment boundaries with an empty name boundary="". Impact An attacker could send a carefully crafted email and evade detection on some email virus-scanning...