32 matches found
CVE-2021-33515
The submission service in Dovecot before 2.3.15 allows STARTTLS command injection in lib-smtp. Sensitive information can be redirected to an attacker-controlled address...
CVE-2021-33515
The submission service in Dovecot before 2.3.15 allows STARTTLS command injection in lib-smtp. Sensitive information can be redirected to an attacker-controlled address...
SUSE SLES15: dovecot23 / dovecot23-backend-mysql / dovecot23-backend-pgsql / etc (SUSE-SU-2021:2124-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2124-1 advisory. - CVE-2021-29157: Local attacker can login as any user and access their emails bsc1187418 - CVE-2021-33515: Attacker can potentiall...
SUSE SLES15: dovecot23 / dovecot23-backend-mysql / dovecot23-backend-pgsql / etc (SUSE-SU-2021:2122-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2122-1 advisory. - CVE-2021-29157: Local attacker can login as any user and access their emails bsc1187418 - CVE-2021-33515: Attacker can potentiall...
openSUSE 15 Security Update : dovecot23 (openSUSE-SU-2021:0920-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:0920-1 advisory. - Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into usi...
CVE-2021-33515
The submission service in Dovecot before 2.3.15 allows STARTTLS command injection in lib-smtp. Sensitive information can be redirected to an attacker-controlled address...
Moderate: Red Hat Security Advisory: 389-ds-base security and bug fix update
An update for 389-ds-base is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
openSUSE Security Update : inn (openSUSE-SU-2012:1171-1)
fix starttls command injection issue CVE-2012-3523, bnc776967 - handle /var/run on tmpfs. bnc778439 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-600. The text description of...
SuSE 11.1 Security Update : pure-ftpd (SAT Patch Number 4360)
Pure-ftpd is vulnerable to the STARTTLS command injection issue similar to CVE-2011-0411 of postfix. CVE-2011-1575 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update...
openSUSE Security Update : pure-ftpd (openSUSE-SU-2011:0483-1)
Pure-ftpd is vulnerable to the STARTTLS command injection issue similar to CVE-2011-0411 of postfix. CVE-2011-1575 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security...
SuSE9 Security Update : Postfix (YOU Patch Number 12707)
The following bugs have been fixed : - Remote attackers could potentially exploit a memory corruption issue in postfix' SASL implementation to execute arbitrary code. CVE-2011-1720 - Also Postfix did not clear the receive buffer after the STARTTLS command. A man-in-the middle could therefore inje...
SSL/TLS: SMTP 'STARTTLS' Command Detection
Checks if the remote SMTP server supports SSL/TLS with the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...