exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 92 RSS Feed

Files

postfix1112.txt
Posted Aug 5, 2003
Authored by Michal Zalewski | Site lcamtuf.coredump.cx

Postfix versions 1.1.12 and below suffers from a remote denial of service attack due to a vulnerability in the address parser code.

tags | advisory, remote, denial of service
advisories | CVE-2003-0540
SHA-256 | e8e28a863997588aef90fb4e62ff99a22c91cdc08e3b2cd835651486388fcd55

Related Files

Apple Security Advisory 2017-10-31-12
Posted Nov 1, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-10-31-12 - Additional information for the APPLE-SA-2017-09-25-9 macOS Server 5.4 advisory has been provided that relates to FreeRADIUS and Postfix.

tags | advisory
systems | apple
advisories | CVE-2017-10978, CVE-2017-10979, CVE-2017-13826
SHA-256 | ab7f1016be63a4d64acf9e8afda8cb266e256bd54b6c0f883eb1a5a8a72517ed
Gentoo Linux Security Advisory 201709-20
Posted Sep 25, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201709-20 - A vulnerability in Postfix may allow local users to gain root privileges. Versions less than 3.1.6 are affected.

tags | advisory, local, root
systems | linux, gentoo
SHA-256 | b600c1a5f95a2227e066f6351a63b9daa56e68a6202706f7df5318020198cbc7
Brutus FTP Attack Tool 0.3
Posted Sep 7, 2017
Authored by Phillip Aaron | Site bushisecurity.com

Brutus is a small threaded python FTP brute-force and dictionary attack tool. It supports several brute-force parameters such as a custom character sets, password length, minimum password length, prefix, and postfix strings to passwords generated.

tags | tool, cracker, python
SHA-256 | 40ebf6ba69965e9808d786f10070c9a7f2f6fc99257bf7e16187b622613091c8
Postfix Admin 2.93 Cross Site Request Forgery
Posted May 21, 2016
Authored by Julien Ahrens | Site rcesecurity.com

Postfix Admin version 2.93 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | c36bf42d6746cb09cb01c495637ea7bc269111f9cfcff5161901216a53a69331
Debian Security Advisory 3214-1
Posted Apr 6, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3214-1 - A path traversal vulnerability was discovered in Mailman, the mailing list manager. Installations using a transport script (such as postfix-to-mailman.py) to interface with their MTA instead of static aliases were vulnerable to a path traversal attack. To successfully exploit this, an attacker needs write access on the local file system.

tags | advisory, local
systems | linux, debian
advisories | CVE-2015-2775
SHA-256 | abf188d9a2c976b95165071e0f07ae6e49e0b202ed2c520547e5a230417b5ae5
libCryptoLog 0.1
Posted Nov 21, 2014
Authored by YJesus

libCryptoLog hooks fprintf() and write() functions to provide encryption on the fly for log files from Apache, Nginx, Postfix, and more.

tags | library
systems | linux
SHA-256 | 375b8cd1a61cbb82d69b065985018989597f5079a42f603aec9a1acceff970b4
Postfix SMTP Shellshock
Posted Oct 6, 2014
Authored by fattymcwopr

Postfix SMTP with procmail shellshock exploit that affects versions 4.2.x up through 4.2.48.

tags | exploit
advisories | CVE-2014-6271
SHA-256 | 2defb18f0a8b00ec8fed37883f8a633b4382c93a3edfdbab3f7778291f08879a
Debian Security Advisory 2979-1
Posted Jul 19, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2979-1 - Two vulnerabilities were discovered in Fail2ban, a solution to ban hosts that cause multiple authentication errors. When using Fail2ban to monitor Postfix or Cyrus IMAP logs, improper input validation in log parsing could enable a remote attacker to trigger an IP ban on arbitrary addresses, resulting in denial of service.

tags | advisory, remote, denial of service, arbitrary, vulnerability, imap
systems | linux, debian
advisories | CVE-2013-7176, CVE-2013-7177
SHA-256 | 663686ca280e9f3c71e71611cc65c7317ff186652c7a041a969f80c3fe0d6f6f
Debian Security Advisory 2889-1
Posted Mar 28, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2889-1 - An SQL injection vulnerability was discovered in postfixadmin, a web administration interface for the Postfix Mail Transport Agent, which allowed authenticated users to make arbitrary manipulations to the database.

tags | advisory, web, arbitrary, sql injection
systems | linux, debian
advisories | CVE-2014-2655
SHA-256 | 6c98896315477340680db98e02791077026f5bb90eef2f49e4ff280754b1c63a
Gentoo Linux Security Advisory 201209-18
Posted Sep 27, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201209-18 - Multiple vulnerabilities have been found in Postfixadmin which may lead to SQL injection or cross-site scripting attacks. Versions less than 2.3.5 are affected.

tags | advisory, vulnerability, xss, sql injection
systems | linux, gentoo
advisories | CVE-2012-0811, CVE-2012-0812
SHA-256 | 483fff8b8c40f8c7a48ee6753a592cc64440c80a933a09fb2b3d976df89bf714
Secunia Security Advisory 50731
Posted Sep 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for postfixadmin. This fixes multiple vulnerabilities, which can be exploited by malicious users to conduct script insertion and SQL injection attacks and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss, sql injection
systems | linux, gentoo
SHA-256 | 6693c56c2f108a20e0dcda9c18d324aebc47f973032682e0962f59bf7c80237b
Secunia Security Advisory 49706
Posted Jun 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for postfix. This fixes two vulnerabilities, which can be exploited by malicious people to manipulate certain data, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
SHA-256 | f7402d2aa539b8e516df12a70d30dd630319c5ad5a16ff66cd2dbb2d2b488b73
Gentoo Linux Security Advisory 201206-33
Posted Jun 25, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201206-33 - A vulnerability has been found in Postfix, the worst of which possibly allowing remote code execution. Versions less than 2.7.4 are affected.

tags | advisory, remote, code execution
systems | linux, gentoo
advisories | CVE-2011-0411, CVE-2011-1720
SHA-256 | 05e98f47777707c46cf6dde146609306a3f61d80648b0c877d2ed8871983f6f0
Postfixadmin 2.3.4 SQL Injection / Cross Site Scripting
Posted Jan 30, 2012
Authored by Filippo Cavallarin

Postfixadmin version 2.3. 4 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 792946daa68d21da19823d935d226aff83199c4a69cc33fe6dfa3dcbd4a11618
Secunia Security Advisory 47670
Posted Jan 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Postfix Admin, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting and script insertion attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | 0fcd50f64699587ecbea6b580ae7675a38fec1cf457ebf05b22ea36c0f0a6e13
Secunia Security Advisory 44781
Posted Jun 3, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for postfix. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

tags | advisory, denial of service
systems | linux, redhat
SHA-256 | 9a5b4c4926427e689d5a29938728fc2a4e4c786017ae8730857458dd73a145e8
Red Hat Security Advisory 2011-0843-01
Posted Jun 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0843-01 - Postfix is a Mail Transport Agent, supporting LDAP, SMTP AUTH, and TLS. A heap-based buffer over-read flaw was found in the way Postfix performed SASL handlers management for SMTP sessions, when Cyrus SASL authentication was enabled. A remote attacker could use this flaw to cause the Postfix smtpd server to crash via a specially-crafted SASL authentication request. The smtpd process was automatically restarted by the postfix master process after the time configured with service_throttle_time elapsed. Various other issues were also addressed.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2011-1720
SHA-256 | 290f32e19e804868ba34739ec9704dcafcfdf5319694188c9ac9fd4eb3c9d6dd
Secunia Security Advisory 44623
Posted May 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for postfix. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

tags | advisory, denial of service
systems | linux, fedora
SHA-256 | 558a4d62a76882aadb338cf3987b0c9c610df76f0bc23a239a440ea9e4441efe
Mandriva Linux Security Advisory 2011-090
Posted May 17, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-090 - The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via an invalid AUTH command with one method followed by an AUTH command with a different method.

tags | advisory, remote, denial of service, arbitrary
systems | linux, mandriva
advisories | CVE-2011-1720
SHA-256 | 26f21ccffabb06f7c9f727b9bc634ba334cafeb734a3272a015e25c29f59d6bf
Secunia Security Advisory 44519
Posted May 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for postfix. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

tags | advisory, denial of service
systems | linux, ubuntu
SHA-256 | 57dadf68a6e33578e483e5e9cfac5368986f2e70ec45ac00e6e001dcffbcf564
Secunia Security Advisory 44517
Posted May 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for postfix. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

tags | advisory, denial of service
systems | linux, suse
SHA-256 | b76cdeeb91b1fa2ad98c9f772f3a5ebb6b9c5ca02e51a9a52a4708893b70a234
Secunia Security Advisory 44506
Posted May 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for postfix. This fixes two vulnerabilities, which can be exploited by malicious people to manipulate certain data and cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
systems | linux, debian
SHA-256 | 31bdb9c3fdbe5d9b482f5123fb37775eb0022c144cb351d49b40664584862cf7
Ubuntu Security Notice USN-1131-1
Posted May 12, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1131-1 - Thomas Jarosch discovered that Postfix incorrectly handled authentication mechanisms other than PLAIN and LOGIN when the Cyrus SASL library is used. A remote attacker could use this to cause Postfix to crash, leading to a denial of service, or possibly execute arbitrary code as the postfix user.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-1720
SHA-256 | 68340c9e3e7647ac269823e3960e437ebd6142bd59c663cc32250c2f77990d8e
Debian Security Advisory 2233-1
Posted May 10, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2233-1 - Several vulnerabilities were discovered in Postfix, a mail transfer agent.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2009-2939, CVE-2011-0411, CVE-2011-1720
SHA-256 | 2066190092a138a8e944282214539e92f89d4e7e673e5c275fdb8a0859fc9199
Secunia Security Advisory 44500
Posted May 10, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Postfix, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

tags | advisory, denial of service
SHA-256 | a898ca2307360553e6290e9d405c3fbf6fa98da1812e2d8abf476f62a4b9d050
Page 1 of 4
Back1234Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close