69 matches found
CVE-2008-2784
The smtpfilter function in spamdyke before 3.1.8 does not filter RCPT commands after encountering the first DATA command, which allows remote attackers to use the server as an open mail relay by sending RCPT commands with invalid recipients, followed by a DATA command, followed by arbitrary RCPT...
CVE-2008-2784
CVE-2008-2784 affects spamdyke prior to 3.1.8. The smtp_filter fails to properly filter RCPT commands after the first DATA command, enabling a remote attacker to use the server as an open relay by issuing RCPT commands with invalid recipients, then a DATA, and continuing with RCPT/DATA sequences....
уязвимости скриптов с www.wr-script.ru (wr-board 1.4Lite)
1 DoS. Не проверяется значение параметра page в index.php http://wr-script.host/board/index.php?event=list&id=112420973596&page=-10000000000000000 2 Открытая почтовая форма. Адрес по которому будет отправлено сообщение с доски передается в поле uemail hidden. Пример использования:...
GUESTEX-exec.pl.txt
Creator: K-sPecial xzziroz.net of .aware awarenetwork.org Name: GUESTEX-exec.pl Date: 06/07/2006 Version: 1.00 1.00 06/07/2006 - GUESTEX-exec.pl created Description: GUESTEX guestbook is vulnerable to remote code execution in how it handles it's 'email' parameter. $form'email' is used when openni...
CVE-2006-0977
The CVE-2006-0977 entry concerns Craig Morrison Mail Transport System Professional (MTS Pro), which acts as an open mail relay when configured to forward all mail to an external SMTP server. The vulnerability allows remote attackers to relay messages by connecting to the MTS Pro server and issuin...
CVE-2005-2857
Free SMTP Server 2.2 allows remote attackers to use the server as an open mail relay spam proxy...
CVE-2005-2857
Free SMTP Server 2.2 allows remote attackers to use the server as an open mail relay spam proxy...
CVE-2005-2857
CVE-2005-2857 affects Free SMTP Server 2.2 and allows remote attackers to use the server as an open mail relay (spam proxy). The vulnerability is a remote access issue enabling unauthorized relaying, leading to abuse for sending spam. The provided documents identify the affected software/version ...
Free SMTP Server Open Mail Relay Vulnerability
Secunia Advisory: SA16698 Release Date: 2005-09-05 Critical: Moderately critical Impact: Security Bypass Where: From remote Solution Status: Unpatched Software: Free SMTP Server 2.x Select a product and view a complete list of all Patched/Unpatched Secunia advisories affecting it. Description:...
CVE-2005-0431
Barracuda Spam Firewall 3.1.10 and earlier does not restrict the domains that white-listed domains can send mail to, which allows members of white-listed domains to use Barracuda as an open mail relay for spam...
CVE-2005-0431
CVE-2005-0431 : Barracuda Spam Firewall 3.1.10 and earlier allows white-listed domains to relay mail to arbitrary destinations, creating an open relay. Root cause: insufficient restriction on destination domains for white-listed senders. Impact: enables spam relaying; CVSS from NVD lists base sco...
CVE-2004-0833
Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages...
CVE-2004-0833
Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages...
CVE-2004-0833
Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages...
CVE-2004-0833
Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages...
CVE-2004-0833
CVE-2004-0833 affects Debian GNU/Linux Sendmail prior to 8.12.3 when sasl/sasl-bin is used. The Debian security advisory indicates that the Sendmail configuration script initializes the sasl database with a fixed username and password, enabling a remote attacker to use Sendmail as an open mail re...
CVE-2004-0833
Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages...
Debian DSA-437-1 : cgiemail - open mail relay
A vulnerability was discovered in cgiemail, a CGI program used to email the contents of an HTML form, whereby it could be used to send email to arbitrary addresses. This type of vulnerability is commonly exploited to send unsolicited commercial email spam. %NASLMINLEVEL 70300 C Tenable Network...
CVE-2002-1278
CVE-2002-1278 affects Linuxconf’s mailconf module (Linuxconf 1.24 and earlier than 1.28) on Conectiva Linux 6.0–8 (and possibly other distros). The vulnerability stems from generating sendmail.cf in a way that leaves Sendmail configured as an open relay, enabling remote attackers to send spam. Pu...
CVE-2002-1278
The mailconf module in Linuxconf 1.24, and other versions before 1.28, on Conectiva Linux 6.0 through 8, and possibly other distributions, generates the Sendmail configuration file sendmail.cf in a way that configures Sendmail to run as an open mail relay, which allows remote attackers to send Sp...