Lucene search
K

256 matches found

securityvulns
securityvulns
added 2015/10/11 12:0 a.m.58 views

Qualys Security Advisory - OpenSMTPD Audit Report

Sorry for the "CVE-2015-ABCD" place-holders in the report, but OpenSMTPD's developers were ready with the patches before MITRE was ready with the CVE-IDs. Qualys Security Advisory OpenSMTPD Audit Report ======================================================================== Contents...

1AI score
Exploits0
securityvulns
securityvulns
added 2015/10/11 12:0 a.m.29 views

OpenSMTPD multiple security vulnerabilities

DoS conditions, information disclosure, multiple memory corruptions...

1.1AI score
Exploits0References1Affected Software1
ArchLinux
ArchLinux
added 2015/10/08 12:0 a.m.26 views

opensmtpd: multiple issues

an oversight in the portable version of fgetln that allows attackers to read and write out-of-bounds memory - multiple denial-of-service vulnerabilities that allow local users to kill or hang OpenSMTPD - a stack-based buffer overflow that allows local users to crash OpenSMTPD, or execute...

9.7AI score0.04094EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2015/10/06 12:0 a.m.10 views

FreeBSD : OpenSMTPD -- multiple vulnerabilities (42852f72-6bd3-11e5-9909-002590263bf5)

OpenSMTPD developers report : fix an mda buffer truncation bug which allows a user to create forward files that pass session checks but fail delivery later down the chain, within the user mda fix remote buffer overflow in unprivileged pony process reworked offline enqueue to better protect agains...

5.8AI score
Exploits0References3
0day.today
0day.today
added 2015/10/05 12:0 a.m.35 views

OpenSMTPD Remotely triggerable buffer overflow Vulnerability

Exploit for openbsd platform in category remote exploits I'm passing the gauntlet for anyone who wants to analyze this for impact etc. There's a remotely triggerable buffer overflow in OpenBSD's OpenSMTPD -- the latest version, 5.7.2 -- reachable by sending messages with huge header lines. Qualys...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/10/05 12:0 a.m.39 views

FreeBSD : OpenSMTPD -- multiple vulnerabilities (ee7bdf7f-11bb-4eea-b054-c692ab848c20)

OpenSMTPD developers report : an oversight in the portable version of fgetln that allows attackers to read and write out-of-bounds memory multiple denial-of-service vulnerabilities that allow local users to kill or hang OpenSMTPD a stack-based buffer overflow that allows local users to crash...

9.8CVSS9.2AI score0.04094EPSS
Exploits1References3
FreeBSD
FreeBSD
added 2015/10/04 12:0 a.m.15 views

OpenSMTPD -- multiple vulnerabilities

OpenSMTPD developers report: fix an mda buffer truncation bug which allows a user to create forward files that pass session checks but fail delivery later down the chain, within the user mda fix remote buffer overflow in unprivileged pony process reworked offline enqueue to better protect against...

4AI score
Exploits0References2
FreeBSD
FreeBSD
added 2015/10/02 12:0 a.m.28 views

OpenSMTPD -- multiple vulnerabilities

OpenSMTPD developers report: an oversight in the portable version of fgetln that allows attackers to read and write out-of-bounds memory multiple denial-of-service vulnerabilities that allow local users to kill or hang OpenSMTPD a stack-based buffer overflow that allows local users to crash...

9.8CVSS9.8AI score0.04094EPSS
Exploits1References1
CVE
CVE
added 2014/05/27 3:0 p.m.64 views

CVE-2013-2125

OpenSMTPD is affected when running versions before 5.3.2, where SSL session handling allows remote attackers to cause a denial of service by keeping a TLS connection open, leading to connection blocking. The issue is confirmed across multiple sources (OpenSMTPD/OpenVAS listing and CVE-2013-2125 r...

5CVSS6.8AI score0.02474EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2014/05/27 3:0 p.m.30 views

CVE-2013-2125

OpenSMTPD before 5.3.2 does not properly handle SSL sessions, which allows remote attackers to cause a denial of service connection blocking by keeping a connection open...

6.6AI score0.02474EPSS
Exploits1References6
Debian CVE
Debian CVE
added 2014/05/27 3:0 p.m.25 views

CVE-2013-2125

OpenSMTPD before 5.3.2 does not properly handle SSL sessions, which allows remote attackers to cause a denial of service connection blocking by keeping a connection open...

5CVSS6.2AI score0.02474EPSS
Exploits1
NVD
NVD
added 2014/05/27 2:55 p.m.24 views

CVE-2013-2125

OpenSMTPD before 5.3.2 does not properly handle SSL sessions, which allows remote attackers to cause a denial of service connection blocking by keeping a connection open...

5CVSS6.6AI score0.02474EPSS
Exploits1References6
OSV
OSV
added 2014/05/27 2:55 p.m.5 views

CVE-2013-2125

OpenSMTPD before 5.3.2 does not properly handle SSL sessions, which allows remote attackers to cause a denial of service connection blocking by keeping a connection open...

6.8AI score
Exploits0References7
OSV
OSV
added 2014/05/27 2:55 p.m.3 views

DEBIAN-CVE-2013-2125

OpenSMTPD before 5.3.2 does not properly handle SSL sessions, which allows remote attackers to cause a denial of service connection blocking by keeping a connection open...

5CVSS6.8AI score0.02474EPSS
Exploits1References1
Prion
Prion
added 2014/05/27 2:55 p.m.15 views

Open redirect

OpenSMTPD before 5.3.2 does not properly handle SSL sessions, which allows remote attackers to cause a denial of service connection blocking by keeping a connection open...

5CVSS7.1AI score0.02474EPSS
Exploits1References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2013/05/24 12:0 a.m.36 views

OpenSMTPD TLS Blocking Socket Remote DoS

The remote OpenSMTPD mail server has a flaw that could result in further connections to it being blocked when a client holds open a TLS connection. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid66586;...

5CVSS5.5AI score0.02474EPSS
Exploits1References3
Rows per page
Query Builder