115 matches found
CVE-2005-0337
Postfix 2.1.3, when /proc/net/ifinet6 is not available and permitmxbackup is enabled in smtpdrecipientrestrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname...
DEBIAN-CVE-2005-0337
Postfix 2.1.3, when /proc/net/ifinet6 is not available and permitmxbackup is enabled in smtpdrecipientrestrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname...
Low: Red Hat Security Advisory: postfix security update
Updated postfix packages that include a security fix and two other bug fixes are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team Postfix is a Mail Transport Agent MTA, supporting LDAP, SMTP AUTH SASL, and...
Unauthorized Barracuda Spam Firewall message relaying
If there is a whitelisted domain any mail originated from this domain is relayed...
CVE-2005-0337
Postfix 2.1.3, when /proc/net/ifinet6 is not available and permitmxbackup is enabled in smtpdrecipientrestrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname...
CVE-2005-0337
Postfix 2.1.3, when /proc/net/ifinet6 is not available and permitmxbackup is enabled in smtpdrecipientrestrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname...
CVE-2005-0337
CVE-2005-0337 affects Postfix 2.1.3 where, if /proc/net/if_inet6 is unavailable and permit_mx_backup is enabled in smtpd_recipient_restrictions, remote attackers can bypass email restrictions and perform mail relaying by delivering to an IPv6 hostname. The issue is a flaw in the IPv6 handling pat...
Postfix mail server IPv6 configuration unauthorized mail relaying
In specific configurations, for example if ran in chroot environment on IPv6 network, message relaying is not limited allowing relay to be used for SPAM sending...
Debian DSA-554-1 : sendmail - pre-set password
Hugo Espuny discovered a problem in sendmail, a commonly used program to deliver electronic mail. When installing 'sasl-bin' to use sasl in connection with sendmail, the sendmail configuration script use fixed user/pass information to initialise the sasl database. Any spammer with Debian systems...
Sendmail relaying
Predefined user account is used to initialize SASL database...
DSA-554-1 sendmail - pre-set password
Bulletin has no description...
Simple Form Subject Tags Arbitrary Mail Relay
The target is running at least one instance of Simple Form which fails to remove newlines from variables used to construct message headers. A remote attacker can exploit this flaw to add to the list of recipients, enabling him to use Simple Form on the target as a proxy for sending abusive mail o...
Simple Form Multiple Parameter Arbitrary Mail Relaying
The target is running at least one instance of Simple Form, which fails to validate the parameters 'adminemailto' and 'adminemailfrom'. An attacker, exploiting this flaw, would be able to send email through the server utilizing the form to any arbitrary recipient with any arbitrary message conten...
Windows NTLM relaying attacks
Some client program use NTLM authentication with user's permission without user request. It may leak to NTLM credentials and perform choosen challenge attack and comprometation of server's with client credentials by relaying NTLM request...
Amavis 0.1.6 - Header Parsing Mail Relaying
Amavis 0.1.6 - Header Parsing Mail Relaying source: https://www.securityfocus.com/bid/7306/info It has been reported that some versions of Amavis-ng do not properly interact with Postfix. Because of this, an attacker may be able to circumvent relay restrictions. telnet somemx.domain.tld 25 220...
CVE-2002-0054
SMTP service in 1 Microsoft Windows 2000 and 2 Internet Mail Connector IMC in Exchange Server 5.5 does not properly handle responses to NTLM authentication, which allows remote attackers to perform mail relaying via an SMTP AUTH command using null session credentials...
EUVD-2002-0054
SMTP service in 1 Microsoft Windows 2000 and 2 Internet Mail Connector IMC in Exchange Server 5.5 does not properly handle responses to NTLM authentication, which allows remote attackers to perform mail relaying via an SMTP AUTH command using null session credentials...
CVE-2002-2261
Sendmail 8.9.0 through 8.12.6 allows remote attackers to bypass relaying restrictions enforced by the 'checkrelay' function by spoofing a blank DNS hostname...
CVE-2002-2261
Sendmail 8.9.0 through 8.12.6 allows remote attackers to bypass relaying restrictions enforced by the 'checkrelay' function by spoofing a blank DNS hostname...
CVE-2001-0504
The CVE-2001-0504 entry affects the SMTP service in Microsoft Windows 2000. A flaw in the authentication handling could allow an intruder to bypass credentials, enabling the attacker to send mail and, in effect, relay through the vulnerable server. The underlying issue is a weakness in how the SM...