38 matches found
CVE-2026-28753 NGINX ngx_mail_proxy_module vulnerability
NGINX Plus and NGINX Open Source have a vulnerability in the ngxmailsmtpmodule module due to the improper handling of CRLF sequences in DNS responses. This allows an attacker-controlled DNS server to inject arbitrary headers into SMTP upstream requests, leading to potential request manipulation...
EUVD-2007-3243
Malware in sbrugna...
EUVD-2006-4246
Malware in sbrugna...
EUVD-2004-2536
Malware in sbrugna...
EUVD-2004-2408
Malware in sbrugna...
EUVD-2001-0678
Malware in sbrugna...
EUVD-2002-0306
Malware in sbrugna...
EUVD-2007-4279
Malware in sbrugna...
CVE-2025-7624
An SQL injection vulnerability in the legacy transparent SMTP proxy of Sophos Firewall versions older than 21.0 MR2 21.0.2 can lead to remote code execution, if a quarantining policy is active for Email and SFOS was upgraded from a version older than 21.0 GA...
CVE-2025-7624
An SQL injection vulnerability in the legacy transparent SMTP proxy of Sophos Firewall versions older than 21.0 MR2 21.0.2 can lead to remote code execution, if a quarantining policy is active for Email and SFOS was upgraded from a version older than 21.0 GA...
CVE-2025-7624
An SQL injection vulnerability in the legacy transparent SMTP proxy of Sophos Firewall versions older than 21.0 MR2 21.0.2 can lead to remote code execution, if a quarantining policy is active for Email and SFOS was upgraded from a version older than 21.0 GA...
PT-2025-30273 · Sophos · Sophos Firewall
Name of the Vulnerable Software and Affected Versions: Sophos Firewall versions prior to 21.0 MR2 21.0.2 Description: An SQL injection vulnerability exists in the legacy transparent SMTP proxy. Successful exploitation can lead to remote code execution if a quarantining policy is active for Email...
Sophos Firewall 安全漏洞
Sophos Firewall is a firewall from Sophos UK. A security vulnerability exists in Sophos Firewall versions prior to 21.0.2, which stems from a SQL injection issue in the SMTP proxy that could lead to remote code execution...
SUSE CVE-2014-3556
The STARTTLS implementation in mail/ngxmailsmtphandler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command...
Endian Firewall Stored From XSS to Remote Command Execution
Vulnerability Summary The following advisory describes a stored cross site scripting that can be used to trigger remote code execution in Endian Firewall version 5.0.3. Endian Firewall is a “turnkey Linux security distribution, which is an independent, unified security management operating system...
CVE-2014-3556
The STARTTLS implementation in mail/ngxmailsmtphandler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command...
DEBIAN-CVE-2014-3556
The STARTTLS implementation in mail/ngxmailsmtphandler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command...
RHEL 4 : python (RHSA-2011:0491)
The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0491 advisory. Python is an interpreted, interactive, object-oriented programming language. A flaw was found in the Python urllib and urllib2 libraries whe...
RHEL 5 : python (RHSA-2011:0492)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0492 advisory. - expat: buffer over-read and crash on XML with malformed UTF-8 sequences CVE-2009-3720 - Python: SMTP proxy RFC 2821 module DoS uncaught...
CVE-2007-4296
Unspecified vulnerability in assp.pl in Anti-Spam SMTP Proxy Server ASSP 1.3.3 has unknown impact and attack vectors...