2 matches found
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' via the internal stream buffers SmtpStream, ImapStream, and Pop3Stream not being flushed during the STARTTLS upgrade process. An attacker c...
RHEL 4 / 5 : postfix (RHSA-2011:0422)
The remote Redhat Enterprise Linux 4 / 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0422 advisory. - postfix improper mailbox permissions CVE-2008-2937 - postfix: SMTP commands injection during plaintext to TLS session switch...