Lucene search
+L

115 matches found

osv
osv
added 2005/05/02 4:0 a.m.9 views

CVE-2005-0337

Postfix 2.1.3, when /proc/net/ifinet6 is not available and permitmxbackup is enabled in smtpdrecipientrestrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname...

6.5AI score
Exploits0References7
osv
osv
added 2005/05/02 4:0 a.m.8 views

DEBIAN-CVE-2005-0337

Postfix 2.1.3, when /proc/net/ifinet6 is not available and permitmxbackup is enabled in smtpdrecipientrestrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname...

7.5CVSS7AI score0.02806EPSS
Exploits0References1
redhat
redhat
added 2005/03/16 2:56 p.m.34 views

Low: Red Hat Security Advisory: postfix security update

Updated postfix packages that include a security fix and two other bug fixes are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team Postfix is a Mail Transport Agent MTA, supporting LDAP, SMTP AUTH SASL, and...

7.5CVSS5.8AI score0.02806EPSS
Exploits0References4
securityvulns
securityvulns
added 2005/02/12 12:0 a.m.30 views

Unauthorized Barracuda Spam Firewall message relaying

If there is a whitelisted domain any mail originated from this domain is relayed...

2AI score
Exploits0References1Affected Software1
cvelist
cvelist
added 2005/02/10 5:0 a.m.34 views

CVE-2005-0337

Postfix 2.1.3, when /proc/net/ifinet6 is not available and permitmxbackup is enabled in smtpdrecipientrestrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname...

6.6AI score0.02806EPSS
Exploits0References7
debiancve
debiancve
added 2005/02/10 5:0 a.m.49 views

CVE-2005-0337

Postfix 2.1.3, when /proc/net/ifinet6 is not available and permitmxbackup is enabled in smtpdrecipientrestrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname...

7.5CVSS6.4AI score0.02806EPSS
Exploits0
cve
cve
added 2005/02/10 5:0 a.m.167 views

CVE-2005-0337

CVE-2005-0337 affects Postfix 2.1.3 where, if /proc/net/if_inet6 is unavailable and permit_mx_backup is enabled in smtpd_recipient_restrictions, remote attackers can bypass email restrictions and perform mail relaying by delivering to an IPv6 hostname. The issue is a flaw in the IPv6 handling pat...

7.5CVSS6.6AI score0.02806EPSS
Exploits0References7Affected Software1
securityvulns
securityvulns
added 2005/02/05 12:0 a.m.70 views

Postfix mail server IPv6 configuration unauthorized mail relaying

In specific configurations, for example if ran in chroot environment on IPv6 network, message relaying is not limited allowing relay to be used for SPAM sending...

2.7AI score
Exploits0References1Affected Software1
nessus
nessus
added 2004/09/29 12:0 a.m.32 views

Debian DSA-554-1 : sendmail - pre-set password

Hugo Espuny discovered a problem in sendmail, a commonly used program to deliver electronic mail. When installing 'sasl-bin' to use sasl in connection with sendmail, the sendmail configuration script use fixed user/pass information to initialise the sasl database. Any spammer with Debian systems...

7.5CVSS5.3AI score0.02507EPSS
Exploits0References2
securityvulns
securityvulns
added 2004/09/28 12:0 a.m.28 views

Sendmail relaying

Predefined user account is used to initialize SASL database...

2.4AI score
Exploits0References1Affected Software1
osv
osv
added 2004/09/27 12:0 a.m.22 views

DSA-554-1 sendmail - pre-set password

Bulletin has no description...

7.5CVSS6.1AI score0.02507EPSS
Exploits0
nessus
nessus
added 2004/09/13 12:0 a.m.14 views

Simple Form Subject Tags Arbitrary Mail Relay

The target is running at least one instance of Simple Form which fails to remove newlines from variables used to construct message headers. A remote attacker can exploit this flaw to add to the list of recipients, enabling him to use Simple Form on the target as a proxy for sending abusive mail o...

5.6AI score
Exploits0References1
nessus
nessus
added 2004/08/17 12:0 a.m.25 views

Simple Form Multiple Parameter Arbitrary Mail Relaying

The target is running at least one instance of Simple Form, which fails to validate the parameters 'adminemailto' and 'adminemailfrom'. An attacker, exploiting this flaw, would be able to send email through the server utilizing the form to any arbitrary recipient with any arbitrary message conten...

5.8AI score
Exploits0References1
securityvulns
securityvulns
added 2003/04/24 12:0 a.m.53 views

Windows NTLM relaying attacks

Some client program use NTLM authentication with user's permission without user request. It may leak to NTLM credentials and perform choosen challenge attack and comprometation of server's with client credentials by relaying NTLM request...

3.2AI score
Exploits0References6Affected Software1
exploitpack
exploitpack
added 2003/04/08 12:0 a.m.16 views

Amavis 0.1.6 - Header Parsing Mail Relaying

Amavis 0.1.6 - Header Parsing Mail Relaying source: https://www.securityfocus.com/bid/7306/info It has been reported that some versions of Amavis-ng do not properly interact with Postfix. Because of this, an attacker may be able to circumvent relay restrictions. telnet somemx.domain.tld 25 220...

7.4AI score
Exploits0
cvelist
cvelist
added 2003/04/02 5:0 a.m.26 views

CVE-2002-0054

SMTP service in 1 Microsoft Windows 2000 and 2 Internet Mail Connector IMC in Exchange Server 5.5 does not properly handle responses to NTLM authentication, which allows remote attackers to perform mail relaying via an SMTP AUTH command using null session credentials...

6.8AI score0.22328EPSS
Exploits0References3
euvd
euvd
added 2003/04/02 5:0 a.m.6 views

EUVD-2002-0054

SMTP service in 1 Microsoft Windows 2000 and 2 Internet Mail Connector IMC in Exchange Server 5.5 does not properly handle responses to NTLM authentication, which allows remote attackers to perform mail relaying via an SMTP AUTH command using null session credentials...

7.5CVSS6.7AI score0.22328EPSS
Exploits0References3
nvd
nvd
added 2002/12/31 5:0 a.m.14 views

CVE-2002-2261

Sendmail 8.9.0 through 8.12.6 allows remote attackers to bypass relaying restrictions enforced by the 'checkrelay' function by spoofing a blank DNS hostname...

7.5CVSS6.5AI score0.02004EPSS
Exploits0References9
osv
osv
added 2002/12/31 5:0 a.m.6 views

CVE-2002-2261

Sendmail 8.9.0 through 8.12.6 allows remote attackers to bypass relaying restrictions enforced by the 'checkrelay' function by spoofing a blank DNS hostname...

6.8AI score
Exploits0References10
cve
cve
added 2002/03/09 5:0 a.m.61 views

CVE-2001-0504

The CVE-2001-0504 entry affects the SMTP service in Microsoft Windows 2000. A flaw in the authentication handling could allow an intruder to bypass credentials, enabling the attacker to send mail and, in effect, relay through the vulnerable server. The underlying issue is a weakness in how the SM...

7.5CVSS7.1AI score0.23061EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder