Lucene search
+L

121 matches found

OSV
OSV
added 2019/08/08 8:15 a.m.6 views

CVE-2019-1955

A vulnerability in the Sender Policy Framework SPF functionality of Cisco AsyncOS Software for Cisco Email Security Appliances ESA could allow an unauthenticated, remote attacker to bypass configured user filters on the device. The vulnerability is due to incomplete input and validation checking...

7.5CVSS6.4AI score0.01413EPSS
Exploits0References1
CNVD
CNVD
added 2019/08/08 12:0 a.m.1 views

Cisco Email Security Appliance AsyncOS Software Input Validation Error Vulnerability (CNVD-2020-16476)

Cisco Email Security Appliance ESA is an email security appliance from Cisco in the U.S. AsyncOS Software is the operating system that runs on it. An input validation error vulnerability exists in AsyncOS Software in the Cisco Email Security Appliance. The vulnerability stems from the lack of a...

7.5CVSS7AI score0.01413EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/08/07 12:0 a.m.9 views

PT-2019-3142 · Cisco · Cisco Email Security Appliance

Name of the Vulnerable Software and Affected Versions: Cisco Email Security Appliance ESA affected versions not specified Description: The issue is related to the Sender Policy Framework SPF component of the Cisco Email Security Appliance ESA, which has a vulnerability due to insufficient input...

7.5CVSS5.4AI score0.01413EPSS
Exploits0References4
OSV
OSV
added 2019/08/06 2:15 p.m.7 views

CVE-2016-10793

cPanel before 59.9999.145 allows arbitrary code execution due to an incorrect ! in Mail::SPF scripts SEC-152...

8.8CVSS6.3AI score0.0149EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/05/31 12:0 a.m.7 views

The vulnerability of the anti-spam protection mechanism of the Cisco Email Security Appliance allows attackers to compromise the integrity of the protected information.

The vulnerability of the anti-spam protection mechanism of Cisco Email Security Appliance is related to errors in the verification of Sender Policy Framework SPF messages. Exploiting this vulnerability allows a malicious actor to compromise the integrity of the protected information by sending...

5.3CVSS5.9AI score0.02276EPSS
Exploits0References2
CNVD
CNVD
added 2018/09/07 12:0 a.m.3 views

Cisco Email Security Appliance AsyncOS Software Access Control Error Vulnerability

Cisco Email Security Appliance ESA is a set of email security appliances from Cisco USA. The appliance provides spam protection, email encryption, data loss prevention, etc. AsyncOS Software is a set of operating systems used in it. An access control error vulnerability exists in the anti-spam...

5.3CVSS5.5AI score0.02276EPSS
Exploits0References1
Hacker One
Hacker One
added 2016/04/15 6:24 a.m.11 views

Paragon Initiative Enterprises: Vunerability : spf

Heĺlo sir, im an independent security researcher. I found an vunerability in your website Your website https://github.com/paragonie doesn't have valid spf records. To recover this do validate your spf. Sender Policy Framework SPF: This allows you specify which mail servers are allowed to send mai...

0.8AI score
Exploits0
Hacker One
Hacker One
added 2016/02/26 11:17 p.m.46 views

Cakebet: Sender policy framework (SPF) records evaluation return (Too many DNS lookups) error

Hi Security Team , Your SPF record suffers from a “too many lookups” error. The specifications for the SPF record limit the number of lookups such as, translating a name to an IP address to 10. An SPF record like what is shown below will have the too many lookup errors : Found v=spf1 record for...

0.9AI score
Exploits0
Hacker One
Hacker One
added 2016/02/08 2:3 p.m.17 views

Paragon Initiative Enterprises: Missing SPF for paragonie.com

There is no TXT record in DNS zone that defines Sender Policy Framework entry for domain paragonie.com. This makes it easy to spoof your e-mail address. For SPF record just check this http://www.kitterman.com/spf/validate.html...

0.4AI score
Exploits0
Hacker One
Hacker One
added 2016/02/08 12:53 a.m.11 views

Paragon Initiative Enterprises: Missing SPF

There is no TXT record in DNS zone that defines Sender Policy Framework entry for domain paragonie.com. This makes it easy to spoof your e-mail address...

2.5AI score
Exploits0
Hacker One
Hacker One
added 2016/02/07 4:0 p.m.22 views

Paragon Initiative Enterprises: Missing SPF for https://paragonie.com/

There is no TXT record in DNS zone that defines Sender Policy Framework entry for domain paragonie.com. This makes it easy to spoof your e-mail address...

0.7AI score
Exploits0
CNVD
CNVD
added 2015/06/17 12:0 a.m.4 views

Cisco Email Security Appliance Anti-Spam Scanner Remote Security Bypass Vulnerability

Cisco Email Security Appliance ESA is a set of e-mail security appliances from the American company Cisco Cisco. The appliance provides spam protection, email encryption, data loss prevention and other features. A security vulnerability exists in the anti-spam scanner of the Cisco ESA appliance...

5CVSS6.8AI score0.03491EPSS
Exploits0References1
NVD
NVD
added 2013/01/17 1:55 a.m.18 views

CVE-2013-0354

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5, and EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, allows remote attackers to affect integrity via unknown vectors related to Policy Framework...

4.3CVSS5.8AI score0.01228EPSS
Exploits0References4
Prion
Prion
added 2013/01/17 1:55 a.m.19 views

Code injection

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5, and EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, allows remote attackers to affect integrity via unknown vectors related to Policy Framework...

4.3CVSS6.3AI score0.01228EPSS
Exploits0References4Affected Software2
CERT
CERT
added 2008/10/30 12:0 a.m.37 views

libspf2 DNS TXT record parsing buffer overflow

Overview libspf2 contains a buffer overflow vulnerability in code that parses DNS TXT records. Description libspf2 is a widely-deployed implementation of the Sender Policy Framework. According to RFC 4408: An SPF record is a DNS Resource Record RR that declares which hosts are, and are not,...

10CVSS7.3AI score0.2225EPSS
Exploits2References3
Gentoo Linux
Gentoo Linux
added 2008/10/30 12:0 a.m.30 views

libspf2: DNS response buffer overflow

Background libspf2 is a library that implements the Sender Policy Framework, allowing mail transfer agents to make sure that an email is authorized by the domain name that it is coming from. Currently, only the exim MTA uses libspf2 in Gentoo. Description libspf2 uses a fixed-length buffer to...

10CVSS6.8AI score0.2225EPSS
Exploits2
UbuntuCve
UbuntuCve
added 2006/05/22 11:10 p.m.31 views

CVE-2006-1520

Format string vulnerability in ANSI C Sender Policy Framework library libspf before 1.0.0-p5, when debugging is enabled, allows remote attackers to execute arbitrary code via format string specifiers, possibly in an e-mail address...

6.4CVSS6.3AI score0.02547EPSS
Exploits0References1
Prion
Prion
added 2006/05/22 11:10 p.m.14 views

Format string

Format string vulnerability in ANSI C Sender Policy Framework library libspf before 1.0.0-p5, when debugging is enabled, allows remote attackers to execute arbitrary code via format string specifiers, possibly in an e-mail address...

6.4CVSS8AI score0.02547EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2006/05/22 11:0 p.m.48 views

CVE-2006-1520

CVE-2006-1520 affects libspf before 1.0.0-p5. When debugging is enabled, it allows remote attackers to execute arbitrary code via format string specifiers, possibly in an e-mail address. Impact: remote code execution. A fix is available in libspf 1.0.0-p5 or later; upgrade to mitigate.

6.4CVSS7.8AI score0.02547EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2005/07/06 4:0 a.m.8 views

CVE-2005-2151

spf.c in Courier Mail Server does not properly handle DNS failures when looking up Sender Policy Framework SPF records, which could allow attackers to cause memory corruption...

6.2AI score
Exploits0References2
Rows per page
Query Builder