25 matches found
SUSE-SU-2026:1641-1 Security update for dovecot22
This update for dovecot22 fixes the following issues: - CVE-2025-59031: decode2text.sh OOXML extraction may follow symlinks and read unintended files during indexing bsc1260895. - CVE-2025-59032: pigeonhole: ManageSieve panic occurs with sieve-connect as a client bsc1260902. - CVE-2026-27855: OTP...
CVE-2026-27859
A mail message containing excessive amount of RFC 2231 MIME parameters causes LMTP to use too much CPU. A suitably formatted mail message causes mail delivery process to consume large amounts of CPU time. Use MTA capabilities to limit RFC 2231 MIME parameters in mail messages, or upgrade to fixed...
EUVD-2006-2938
Malware in sbrugna...
ROS-20240712-01
Vulnerability in Multiline RFC 2231 component of Exim mail server is related to incorrect analysis of the the multiline RFC 2231 header file name. Exploitation of the vulnerability could allow an attacker, acting remotely, to deliver executable attachments to end-user mailboxes...
Exploit for Improper Encoding or Escaping of Output in Exim
CVE-2024-39929 PoC Vulnerability Brief Exim through 4.97...
[SECURITY] [DSA 5728-1] exim4 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5728-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 10, 2024 https://www.debian.org/security/faq -...
CVE-2024-39929
Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mimefilename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users...
CVE-2024-39929
Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mimefilename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users...
CVE-2024-39929
Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mimefilename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users...
UBUNTU-CVE-2024-39929
Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mimefilename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users...
CVE-2024-39929
CVE-2024-39929 affects Exim by misparsing multiline RFC 2231 header filenames, allowing a remote attacker to bypass a mime_filename extension-blocking check and potentially deliver executable attachments. Public references show patches exist: Fedora/NASL entries note fixes in exim 4.98 (and newer...
CVE-2024-39929
Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mimefilename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users...
CVE-2024-39929
Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mimefilename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users...
SuSE9 Security Update : mailman (YOU Patch Number 11243)
This update of mailman fixes the following security issues : - A malicious user could visit a specially crafted URI and inject an apparent log message into Mailman's error log which might induce an unsuspecting administrator to visit a phishing site. This has been blocked. Thanks to Moritz Nauman...
GNU Mailman跨站脚本及拒绝服务漏洞
GNU Mailman是一款开放源码的邮件列表管理系统。 Mailman中存在多个安全漏洞,具体如下: 1 日志功能中的错误允许攻击者通过特制的URL向错误日志中注入欺骗性的日志消息。这可能诱骗管理员访问恶意的Web站点。 2 Mailman在处理畸形MIME首部时没有遵循RFC 2231标准,可能导致拒绝服务。 3 Mailman没有正确过滤某些用户输入,允许在用户浏览器会话中执行任意HTML和脚本代码。 受影响系统: GNU Mailman 2.1.9 不受影响系统: GNU Mailman 2.1.9rc1 GNU Mailman 2.1.9 厂商补丁: GNU ---...
GLSA-200609-12 : Mailman: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200609-12 Mailman: Multiple vulnerabilities Mailman fails to properly handle standards-breaking RFC 2231 formatted headers. Furthermore, Moritz Naumann discovered several XSS vulnerabilities and a log file injection. Impact : An...
Design/Logic Flaw
Mailman before 2.1.9rc1 allows remote attackers to cause a denial of service via unspecified vectors involving "standards-breaking RFC 2231 formatted headers"...
CVE-2006-2941
Mailman before 2.1.9rc1 allows remote attackers to cause a denial of service via unspecified vectors involving "standards-breaking RFC 2231 formatted headers"...
CVE-2006-2941
Mailman before 2.1.9rc1 allows remote attackers to cause a denial of service via unspecified vectors involving "standards-breaking RFC 2231 formatted headers"...
CVE-2006-2941
Mailman before 2.1.9rc1 allows remote attackers to cause a denial of service via unspecified vectors involving "standards-breaking RFC 2231 formatted headers"...