CVSS: 5.3EPSS: 21%CPEs: 8EXPL: 6CVE-2023-51764 – postfix: SMTP smuggling vulnerability
https://notcve.org/view.php?id=CVE-2023-51764
24 Dec 2023 — Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Postfix supports
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2020-12063
https://notcve.org/view.php?id=CVE-2020-12063
24 Apr 2020 — A certain Postfix 2.10.1-7 package could allow an attacker to send an email from an arbitrary-looking sender via a homoglyph attack, as demonstrated by the similarity of \xce\xbf to the 'o' character. This is potentially relevant when the /etc/postfix/sender_login feature is used, because a spoofed outbound message that uses a configured sender address is blocked with a "Sender address rejected: not logged in" error message, but a spoofed outbound message that uses a homoglyph of a configured sender address... • https://www.openwall.com/lists/oss-security/2020/04/23/12 •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2019-16791 – downgrade of effective Strict Transport Security (STS) policy in postfix-mta-sts-resolver
https://notcve.org/view.php?id=CVE-2019-16791
22 Jan 2020 — In postfix-mta-sts-resolver before 0.5.1, All users can receive incorrect response from daemon under rare conditions, rendering downgrade of effective STS policy. En postfix-mta-sts-resolver versiones anteriores a 0.5.1, todos los usuarios pueden recibir una respuesta incorrecta del demonio bajo condiciones extrañas, renderizando una degradación de la política STS efectiva. • https://gist.github.com/Snawoot/b9da85d6b26dea5460673b29df1adc6b • CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2012-0812
https://notcve.org/view.php?id=CVE-2012-0812
22 Nov 2019 — PostfixAdmin 2.3.4 has multiple XSS vulnerabilities PostfixAdmin versión 2.3.4, presenta múltiples vulnerabilidades de tipo XSS. • http://security.gentoo.org/glsa/glsa-201209-18.xml • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2017-10140 – libdb: Reads DB_CONFIG from the current working directory
https://notcve.org/view.php?id=CVE-2017-10140
22 Nov 2017 — Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 might allow local users to gain privileges by leveraging undocumented functionality in Berkeley DB 2.x and later, related to reading settings from DB_CONFIG in the current directory. Postfix, en versiones anteriores a la 2.11.10, versiones 3.0.x anteriores a la 3.0.10, versiones 3.1.x anteriores a la 3.1.6 y versiones 3.2.x anteriores a la 3.2.2, podría permitir que usuarios locales obtengan privilegios aprovechando una ... • http://seclists.org/oss-sec/2017/q3/285 •
CVSS: 8.8EPSS: 0%CPEs: 45EXPL: 1CVE-2012-0811
https://notcve.org/view.php?id=CVE-2012-0811
01 Oct 2014 — Multiple SQL injection vulnerabilities in Postfix Admin (aka postfixadmin) before 2.3.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the pw parameter to the pacrypt function, when mysql_encrypt is configured, or (2) unspecified vectors that are used in backup files generated by backup.php. Múltiples vulnerabilidades de inyección SQL en Postfix Admin (también conocido como postfixadmin) anterior a 2.3.5 permiten a usuarios remotos autenticados ejecutar comandos SQL a través de (... • http://www.codseq.it/advisories/multiple_vulnerabilities_in_postfixadmin • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 1CVE-2014-2655 – Debian Security Advisory 2889-1
https://notcve.org/view.php?id=CVE-2014-2655
28 Mar 2014 — SQL injection vulnerability in the gen_show_status function in functions.inc.php in Postfix Admin (aka postfixadmin) before 2.3.7 allows remote authenticated users to execute arbitrary SQL commands via a new alias. Vulnerabilidad de inyección SQL en la función gen_show_status en functions.inc.php en Postfix Admin (también conocido como postfixadmin) anterior a 2.3.7 permite a usuarios remotos autenticados ejecutar comandos SQL arbitrarios a través de un alias nuevo. An SQL injection vulnerability was discov... • http://lists.opensuse.org/opensuse-updates/2014-05/msg00075.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 66%CPEs: 109EXPL: 1CVE-2011-1720 – (smtpd): Crash due to improper management of SASL handlers for SMTP sessions
https://notcve.org/view.php?id=CVE-2011-1720
13 May 2011 — The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which allows remote attackers to cause a denial of service (heap memory corruption and daemon crash) or possibly execute arbitrary code via an invalid AUTH command with one method followed by an AUTH command with a different method. El servidor SMTP en Postfix anterior a v2... • https://github.com/nbeguier/postfix_exploit • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 61%CPEs: 42EXPL: 1CVE-2011-0411 – postfix: SMTP commands injection during plaintext to TLS session switch
https://notcve.org/view.php?id=CVE-2011-0411
16 Mar 2011 — The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x before 2.5.12, 2.6.x before 2.6.9, and 2.7.x before 2.7.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack. La implementación de STARTTLS de Postfix 2.4.x anteriores a 2.4.16, 2.5.x anteriores a 2.5.12, 2.6.x anteriores a 2.6.9, y 2.7.x anter... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.9EPSS: 0%CPEs: 3EXPL: 1CVE-2009-2939
https://notcve.org/view.php?id=CVE-2009-2939
21 Sep 2009 — The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files. El script postfix.postinst en el paquete postfix v2.5.5 de Debian GNU/Linux y Ubuntu permite acceso de escritura al usuario postfix en /var/spool/postfix/pid, permitiendo a usuarios locales dirigir ataques de enlaces simbólicos que sobrescriban ficheros de su elección. • http://www.debian.org/security/2011/dsa-2233 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •