42 matches found
UBUNTU-CVE-2021-33913
libspf2 before 1.2.11 has a heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of SPFrecordexpanddata in spfexpand.c. The amount of overflowed data depend...
Courier: Missing SPF record on trycourier.app
Missing SPF record on trycourier.app domain which has been retired a while ago...
Sifchain: No Valid SPF Records at sifchain.finance
Hello, There is any issue No valid SPF Records Desciprition : There is a email spoofing vulnerability.Email spoofing is the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source. Email spoofing is a tactic used in phishing...
Sifchain: Email spoofing
Email spoofing is possible To verify: visit :https://www.kitterman.com/spf/validate.html? and type your domain name to check SPF record you can see the results as: NO valid SPF record found POC: 1.visit http://emkei.cz// 2.fill the from email as [email protected] 3.to email as victim email...
Sifchain: No valid SPF record found
Email spoofing is possible To verify: visit : https://www.kitterman.com/spf/validate.html and type your domain name to check SPF records you can see the results as: No valid SPF record found. POC: 1. visit: https://emkei.cz/ 2. fill the from email as [email protected] 3.To email as victim ema...
Sifchain: Vulnerability : Email Spoofing
Hi Team Hope you are doing well. I found vulnerability. Issue: Email Spoofing I just sent a forged email to [email protected] that appears to originate from [email protected] I was able to do this because of SPF Soft Fail and I could not find DMARC record of this domain. SPF record...
dnsrecon 0.10.0 CSV Injection
Exploit Title: dnsrecon 0.10.0 - CSV Injection Author: Dolev Farhi Date: 2021-01-07 Vendor Homepage: https://github.com/darkoperator/dnsrecon/ Version : 0.10.0 Tested on: ParrotOS 4.10 dnsrecon, when scanning a TXT record such as SPF, i.e.: spf.domain.com, outputs a CSV report -c out.csv with...
dnsrecon 0.10.0 - CSV Injection Vulnerability
Exploit Title: dnsrecon 0.10.0 - CSV Injection Author: Dolev Farhi Vendor Homepage: https://github.com/darkoperator/dnsrecon/ Version : 0.10.0 Tested on: ParrotOS 4.10 dnsrecon, when scanning a TXT record such as SPF, i.e.: spf.domain.com, outputs a CSV report -c out.csv with entries such as...
Solana BBP: email spoofing
email spoofing Impact step 1:visit: https://www.kitterman.com/spf/getspf3.py step 2:in domain name, type:https://github.com/solana-labs/solana-program-library step 3: check SPF record, it will appear" No valid SPF record found" step 4:visit: https://emkei.cz/ step 5:type name as...
Dropcontact: No Valid SPF Records
Hiii, There is any issue No valid SPF Records Desciprition : There is a email spoofing vulnerability.Email spoofing is the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source. Email spoofing is a tactic used in phishing...
Nextcloud: Email Spoofing
An SPF/DMARC record is a type of Domain Name Service DNS record that identifies which mail servers are permitted to send email on behalf of your domain. The purpose of an SPF/DMARC record is to prevent spammers from sending messages on the behalf of your organization. Remediation: Create a SPF...
Kubernetes: No valid SPF record found
Desciprition : There is a email spoofing vulnerability.Email spoofing is the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source. Email spoofing is a tactic used in phishing and spam campaigns because people are more...
Ping Identity: No valid SPF record not found
There are no SPF Records found for ort-admin.pingone.com Description: There is an email spoofing vulnerability. Email spoofing is the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source. Email spoofing is a tactic used i...
Avito: Missing SPF Records
SPF Record was missing for m.avito.ru...
MyCrypto: SPF Records (SMTP protection not used)
Hello MyCrypto Team , I am checking your website and found something is missing in SPF record.I don't find you have applied strict SMTP policy to stop spoofed email sending from your domain. I would like to recommend you to read the following article :...
Django: Email Spoofing Possible on djangoproject.com Email Domain
Summary: Due to lacking a SPF and DMARC record it is possible to spoof emails from djangoproject.com. This could potentially be used to trick employees, customers or clients via phishing emails. Description: Mail servers rely on both SPF and DMARC to properly deal with email spoofing. SPF shows...
MyCrypto: Missing SPF record for the in scope domain
nli@nlistation:$ dig mycrypto.com txt ; DiG 9.10.3-P4-Ubuntu mycrypto.com txt ;; global options: +cmd ;; Got answer: ;; -HEADER DiG 9.10.3-P4-Ubuntu gmail.com txt ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 19223 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1,...
GSA Bounty: Email Spoofing - SPF record set to Neutral
Hi, Introduction: There is a email spoofing vulnerability.Email spoofing is the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source. Email spoofing is a tactic used in phishing and spam campaigns because people are more...
GSA Bounty: Email Spoofing - SPF record set to Neutral
Hi, Introduction: There is a email spoofing vulnerability.Email spoofing is the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source. Email spoofing is a tactic used in phishing and spam campaigns because people are more...
Weblate: [debian.weblate.org]-Missing SPF Record
Reproduction Details: dig txt debian.weblate.org|grep "v=spf1"...