Lucene search
RootSSV:61987HistoryMar 28, 2014 - 12:00 a.m.
Postfix Admin 'functions.inc.php' SQL注入漏洞
2014-03-2800:00:00
Root
www.seebug.org
135
EPSS
0.003
Percentile
65.3%
BUGTRAQ ID: 66455
CVE(CAN) ID: CVE-2014-2655
Postfix是Unix类操作系统中所使用的邮件传输代理。
用于程序没有在SQL查询前充分过滤用户提供的数据,允许攻击者危及应用程序,访问或修改数据,或利用底层数据库中潜在的漏洞。
0
Postfix Admin Postfix Admin 2.3.5
Postfix Admin Postfix Admin 2.3.4
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
http://sourceforge.net/projects/postfixadmin/
Related
securityvulns
securityvulns
[SECURITY] [DSA 2889-1] postfixadmin security update
2014-05-05 00:00:00
nvd
nvd
CVE-2014-2655
2014-04-02 16:06:02
cvelist
cvelist
CVE-2014-2655
2014-04-02 14:00:00
nessus
nessus
Debian DSA-2889-1 : postfixadmin - security update
2014-03-31 00:00:00
openSUSE Security Update : PostfixAdmin (openSUSE-SU-2014:0715-1)
2014-06-13 00:00:00
openvas
openvas
Debian Security Advisory DSA 2889-1 (postfixadmin - security update)
2014-03-28 00:00:00
Debian: Security Advisory (DSA-2889-1)
2014-03-27 00:00:00
freebsd
freebsd
postfixadmin -- SQL injection vulnerability
2014-03-28 00:00:00
debiancve
debiancve
CVE-2014-2655
2014-04-02 16:06:02
osv
osv
postfixadmin - security update
2014-03-28 00:00:00
postfixadmin-3.0-1.1 on GA media
2024-06-15 00:00:00
cve
cve
CVE-2014-2655
2014-04-02 16:06:02
ubuntucve
ubuntucve
CVE-2014-2655
2014-04-02 00:00:00
prion
prion
Sql injection
2014-04-02 16:06:00
debian
debian
[SECURITY] [DSA 2889-1] postfixadmin security update
2014-03-28 07:04:35