[SECURITY] [DSA 2889-1] postfixadmin security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2889-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst March 28, 2014 http://www.debian.org/security/faq -...

CVE-2014-2655

SQL injection vulnerability in the genshowstatus function in functions.inc.php in Postfix Admin aka postfixadmin before 2.3.7 allows remote authenticated users to execute arbitrary SQL commands via a new alias...

Debian DSA-2889-1 : postfixadmin - security update

A SQL injection vulnerability was discovered in postfixadmin, a web administration interface for the Postfix Mail Transport Agent, which allowed authenticated users to make arbitrary manipulations to the database. The oldstable distribution squeeze does not contain postfixadmin. %NASLMINLEVEL 703...

[SECURITY] [DSA 2889-1] postfixadmin security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2889-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst March 28, 2014 http://www.debian.org/security/faq -...

DSA-2889-1 postfixadmin - security update

Bulletin has no description...

Debian Security Advisory DSA 2889-1 (postfixadmin - security update)

An SQL injection vulnerability was discovered in postfixadmin, a web administration interface for the Postfix Mail Transport Agent, which allowed authenticated users to make arbitrary manipulations to the database. The oldstable distribution squeeze does not contain postfixadmin. OpenVAS...

postfixadmin -- SQL injection vulnerability

Thijs Kinkhorst reports: Postfixadmin has an SQL injection vulnerability. This vulnerability is only exploitable by authenticated users able to create new aliases...

Debian: Security Advisory (DSA-2889-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 201209-18 (postfixadmin)

The remote host is missing updates announced in advisory GLSA 201209-18. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 201209-18 (postfixadmin)

The remote host is missing updates announced in advisory GLSA 201209-18. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

GLSA-201209-18 : Postfixadmin: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201209-18 Postfixadmin: Multiple vulnerabilities Multiple SQL injection vulnerabilities CVE-2012-0811 and cross-site scripting vulnerabilities CVE-2012-0812 have been found in Postfixadmin. Impact : A remote attacker could exploit...

Postfixadmin: Multiple vulnerabilities

Background Postfixadmin is a web-based management tool for Postfix-style virtual domains and users. Description Multiple SQL injection vulnerabilities CVE-2012-0811 and cross-site scripting vulnerabilities CVE-2012-0812 have been found in Postfixadmin. Impact A remote attacker could exploit these...

Multiple vulnerabilities in postfixadmin

Advisory ID: CSA-12002 Title: Multiple vulnerabilities in postfixadmin Product: postfixadmin Version: 2.3.4 and probably prior Vendor: www.postifixadmin.org Vulnerability type: SQL injection, XSS Vendor notification: 2012-01-10 Public disclosure: 2012-01-26 postfixadmin version 2.3.4 and probably...

FreeBSD Ports: postfixadmin

The remote host is missing an update to the system as announced in the referenced advisory. VID 93688f8f-4935-11e1-89b4-001ec9578670 OpenVAS Vulnerability Test $ Description: Auto generated from VID 93688f8f-4935-11e1-89b4-001ec9578670 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

FreeBSD Ports: postfixadmin

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD : postfixadmin -- Multiple Vulnerabilities (93688f8f-4935-11e1-89b4-001ec9578670)

The Postfix Admin Team reports : Multiple XSS vulnerabilities exist : - XSS with $GETdomain in templates/menu.php and edit-vacation - XSS in some create-domain input fields - XSS in create-alias and edit-alias error message - XSS by values stored in the database in fetchmail list view, list-domai...

Postfixadmin 2.3.4 SQL Injection / Cross Site Scripting

Advisory ID: CSA-12002 Title: Multiple vulnerabilities in postfixadmin Product: postfixadmin Version: 2.3.4 and probably prior Vendor: www.postifixadmin.org Vulnerability type: SQL injection, XSS Vendor notification: 2012-01-10 Public disclosure: 2012-01-26 postfixadmin version 2.3.4 and probably...

postfixadmin -- Multiple Vulnerabilities

The Postfix Admin Team reports: Multiple XSS vulnerabilities exist: - XSS with $GETdomain in templates/menu.php and edit-vacation - XSS in some create-domain input fields - XSS in create-alias and edit-alias error message - XSS by values stored in the database in fetchmail list view, list-domain...