CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 6CVE-2023-51764 – postfix: SMTP smuggling vulnerability
https://notcve.org/view.php?id=CVE-2023-51764
Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Postfix supports <LF>.<CR><LF> but some other popular e-mail servers do not. To prevent attack variants (by always disallowing <LF> without <CR>), a different solution is required, such as the smtpd_forbid_bare_newline=yes option with a Postfix minimum version of 3.5.23, 3.6.13, 3.7.9, 3.8.4, or 3.9. • https://github.com/duy-31/CVE-2023-51764 https://github.com/eeenvik1/CVE-2023-51764 https://github.com/Double-q1015/CVE-2023-51764 https://github.com/d4op/CVE-2023-51764-POC http://www.openwall.com/lists/oss-security/2023/12/24/1 http://www.openwall.com/lists/oss-security/2023/12/25/1 http://www.openwall.com/lists/oss-security/2024/05/09/3 https://access.redhat.com/security/cve/CVE-2023-51764 https://bugzilla.redhat.com/show_bug.cgi?id=2255563 http • CWE-345: Insufficient Verification of Data Authenticity CWE-451: User Interface (UI) Misrepresentation of Critical Information •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2017-10140 – libdb: Reads DB_CONFIG from the current working directory
https://notcve.org/view.php?id=CVE-2017-10140
Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 might allow local users to gain privileges by leveraging undocumented functionality in Berkeley DB 2.x and later, related to reading settings from DB_CONFIG in the current directory. Postfix, en versiones anteriores a la 2.11.10, versiones 3.0.x anteriores a la 3.0.10, versiones 3.1.x anteriores a la 3.1.6 y versiones 3.2.x anteriores a la 3.2.2, podría permitir que usuarios locales obtengan privilegios aprovechando una funcionalidad no documentada en Berkeley DB, en versiones 2.x y posteriores. Esto está relacionado con la lectura de opciones de DB_CONFIG en el directorio actual. • http://seclists.org/oss-sec/2017/q3/285 http://www.postfix.org/announcements/postfix-3.2.2.html https://access.redhat.com/errata/RHSA-2019:0366 https://www.oracle.com/security-alerts/cpujul2020.html https://access.redhat.com/security/cve/CVE-2017-10140 https://bugzilla.redhat.com/show_bug.cgi?id=1464032 •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 1CVE-2014-2655
https://notcve.org/view.php?id=CVE-2014-2655
SQL injection vulnerability in the gen_show_status function in functions.inc.php in Postfix Admin (aka postfixadmin) before 2.3.7 allows remote authenticated users to execute arbitrary SQL commands via a new alias. Vulnerabilidad de inyección SQL en la función gen_show_status en functions.inc.php en Postfix Admin (también conocido como postfixadmin) anterior a 2.3.7 permite a usuarios remotos autenticados ejecutar comandos SQL arbitrarios a través de un alias nuevo. • http://lists.opensuse.org/opensuse-updates/2014-05/msg00075.html http://sourceforge.net/p/postfixadmin/code/1650 http://www.debian.org/security/2014/dsa-2889 http://www.openwall.com/lists/oss-security/2014/03/26/11 http://www.openwall.com/lists/oss-security/2014/03/26/6 http://www.securityfocus.com/bid/66455 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 45EXPL: 1CVE-2012-0811
https://notcve.org/view.php?id=CVE-2012-0811
Multiple SQL injection vulnerabilities in Postfix Admin (aka postfixadmin) before 2.3.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the pw parameter to the pacrypt function, when mysql_encrypt is configured, or (2) unspecified vectors that are used in backup files generated by backup.php. Múltiples vulnerabilidades de inyección SQL en Postfix Admin (también conocido como postfixadmin) anterior a 2.3.5 permiten a usuarios remotos autenticados ejecutar comandos SQL a través de (1) el parámetro pw en la función pacrypt, cuando mysql_encrypt está configurado, o (2) vectores no especificados que se utilizan en los ficheros de las copias de seguridad generados por backup.php. • http://www.codseq.it/advisories/multiple_vulnerabilities_in_postfixadmin http://www.openwall.com/lists/oss-security/2012/01/26/5 http://www.openwall.com/lists/oss-security/2012/01/27/5 http://www.securityfocus.com/bid/51680 https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3/CHANGELOG.TXT • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.1EPSS: 1%CPEs: 4EXPL: 0CVE-2012-0812
https://notcve.org/view.php?id=CVE-2012-0812
PostfixAdmin 2.3.4 has multiple XSS vulnerabilities PostfixAdmin versión 2.3.4, presenta múltiples vulnerabilidades de tipo XSS. • http://security.gentoo.org/glsa/glsa-201209-18.xml http://www.openwall.com/lists/oss-security/2012/01/26/12 http://www.openwall.com/lists/oss-security/2012/01/27/5 http://www.securityfocus.com/bid/51680 https://access.redhat.com/security/cve/cve-2012-0812 https://bugs.gentoo.org/show_bug.cgi?id=CVE-2012-0812 https://security-tracker.debian.org/tracker/CVE-2012-0812 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •