Lucene search
K

17 matches found

HackRead
HackRead
added 2023/01/25 9:33 p.m.21 views

New Wave of Cyberattacks Targeting MS Exchange Servers

By Waqas Cybercriminals are leveraging two exploit chains ProxyNotShell/OWASSRF to target Microsoft Exchange servers, as warned by Bitdefender Labs. This is a post from HackRead.com Read the original post: New Wave of Cyberattacks Targeting MS Exchange Servers...

2.9AI score
Exploits0
Securelist
Securelist
added 2022/12/19 4:15 p.m.991 views

CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange

Summary At the end of September, GTSC reported an attack on critical infrastructure that took place in August. During the investigation, experts found that two 0-day vulnerabilities in Microsoft Exchange Server were used in the attack. The first one, later identified as CVE-2022-41040, is a...

10CVSS1.1AI score0.94212EPSS
Exploits34
The Hacker News
The Hacker News
added 2022/06/21 1:22 p.m.32 views

New ToddyCat Hacker Group on Experts' Radar After Targeting MS Exchange Servers

An advanced persistent threat APT actor codenamed ToddyCat has been linked to a string of attacks aimed at government and military entities in Europe and Asia since at least December 2020. The relatively new adversarial collective is said to have commenced its operations by targeting Microsoft...

2.3AI score
Exploits0
CNVD
CNVD
added 2021/09/08 12:0 a.m.24 views

libspf2 buffer overflow vulnerability

libspf2 is a library that allows email systems such as Sendmail, Postfix, Exim, Zmailer, and MS Exchange to check SPF records and ensure that email is authorized from its domain. libspf2 suffers from a buffer overflow vulnerability, which stems from the fact that libspf2's SPF macro can trigger a...

9.8CVSS4.7AI score0.00169EPSS
Exploits0References1
HackRead
HackRead
added 2021/04/14 11:43 p.m.46 views

Unpatched MS Exchange servers hit by cryptojacking malware

By Waqas Threat actors are looking for vulnerable, unpatched Microsoft Exchange servers and installing cryptocurrency mining malware on them. This is a post from HackRead.com Read the original post: Unpatched MS Exchange servers hit by cryptojacking malware...

2.5AI score
Exploits0
OSV
OSV
added 2021/01/16 6:54 p.m.2 views

OPENSUSE-SU-2021:0093-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: - Mozilla Thunderbird 78.6.1 changed: MailExtensions: browserAction, composeAction, and messageDisplayAction toolbar buttons now support label and defaultlabel properties bmo1583478 fixed: Running a quicksearch that returned no result...

8.8CVSS9AI score0.00377EPSS
Exploits0References3
NVD
NVD
added 2019/11/15 6:15 p.m.15 views

CVE-2019-12759

Symantec Endpoint Protection Manager SEPM and Symantec Mail Security for MS Exchange SMSMSE, prior to versions 14.2 RU2 and 7.5.x respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software applicati...

7.8CVSS7.9AI score0.00055EPSS
Exploits0References1
CVE
CVE
added 2019/11/15 5:41 p.m.99 views

CVE-2019-12759

CVE-2019-12759 affects Symantec Endpoint Protection Manager (SEPM) and Symantec Mail Security for Exchange (SMSMSE) prior to SEPM 14.2 RU2 and SMSMSE 7.5.x, introducing a privilege-escalation flaw. Technical details point to the LuComServer stDisScriptEngine class as the root cause, enabling loca...

7.8CVSS7.9AI score0.00055EPSS
Exploits0References1Affected Software2
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2017/07/20 3:10 a.m.61 views

Skype for business is also vulnerable to the autodiscovery issue

An issue in WPAD proxy automatic configuration was first discovered by Maxim Andreev back in 2015 at the MailRu group security meet-up and then was presented by Maxim Goncharov at BlackHat US 2016 slides. This year Ilya Nesterov and Maxim Goncharov presented a continuation of this research and...

6.9AI score
Exploits0
hackapp
hackapp
added 2016/04/01 8:47 a.m.14 views

Tasks & Notes for MS Exchange - Customized SSL, Exported ContentProvider, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Tasks & Notes for MS Exchange published at the 'play' market has multiple vulnerabilities...

0.6AI score
Exploits0References1Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.27 views

Computer Associates InoculateIT 4.53 MS Exchange Agent Vulnerability

No description provided by source. source : http://www.securityfocus.com/bid/1935/info InoculateIT 4.52 is a popular antivirus agent for Microsoft Exchange Servers. A vulnerability exists in the InoculateIT Agent for MS Exchange that can allow a local attacker to pass a virus through both the age...

7.1AI score
Exploits0
Fedora
Fedora
added 2012/05/08 4:16 a.m.36 views

[SECURITY] Fedora 17 Update: evolution-mapi-3.4.1-3.fc17

This package allows Evolution to interact with MS Exchange 2007 servers...

6.5CVSS4.8AI score0.02255EPSS
Exploits0
OpenVAS
OpenVAS
added 2009/03/13 12:0 a.m.14 views

F-Secure Multiple Products Detection (Windows SMB Login)

SMB login-based detection of F-Secure Anti-Virus for MS Exchange, Workstations and Internet GateKeeper. Copyright C 2009 Greenbone Networks GmbH, http://www.greenbone.net Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

0.3AI score
Exploits0
Metasploit
Metasploit
added 2007/05/01 1:31 p.m.23 views

MS06-019 Exchange MODPROP Heap Overflow

This module triggers a heap overflow vulnerability in MS Exchange that occurs when multiple malformed MODPROP values occur in a VCAL request. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule...

7.5CVSS7.6AI score0.67468EPSS
Exploits2
CVE
CVE
added 2005/11/02 11:0 p.m.50 views

CVE-2005-3468

CVE-2005-3468 describes a directory traversal vulnerability in F-Secure Anti-Virus for Microsoft Exchange 6.40 and Internet Gatekeeper 6.40–6.42. The flaw lets limited remote attackers bypass Web Console authentication and read files, exposing partial confidentiality. The provided documents confi...

5CVSS7.3AI score0.00832EPSS
Exploits0References6Affected Software2
securityvulns
securityvulns
added 2002/03/02 12:0 a.m.39 views

Релеинг через MS Exchange (Mail Relaying)

Любой пользователь, способный пройти авторизацию получает доступ к SMTP-серверу...

0.4AI score
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2001/09/11 12:0 a.m.45 views

RPC DoS против MS Exchange/SQL/Windows NT/2000

Некорректный RPCзапрос приводит к краху сервисов...

0.5AI score
Exploits0References3Affected Software2
Rows per page
Query Builder