Download
| Alert*
oval:org.secpod.oval:def:201460
Postfix is a Mail Transport Agent , supporting LDAP, SMTP AUTH , and TLS. It was discovered that Postfix did not flush the received SMTP commands buffer after switching to TLS encryption for an SMTP session. A man-in-the-middle attacker could use this flaw to inject SMTP commands into a victim"s ses ... oval:org.secpod.oval:def:500040 Postfix is a Mail Transport Agent , supporting LDAP, SMTP AUTH , and TLS. It was discovered that Postfix did not flush the received SMTP commands buffer after switching to TLS encryption for an SMTP session. A man-in-the-middle attacker could use this flaw to inject SMTP commands into a victim"s ses ... oval:org.secpod.oval:def:200547 Postfix is a Mail Transport Agent , supporting LDAP, SMTP AUTH , and TLS. It was discovered that Postfix did not flush the received SMTP commands buffer after switching to TLS encryption for an SMTP session. A man-in-the-middle attacker could use this flaw to inject SMTP commands into a victim"s ses ... oval:org.secpod.oval:def:203086 postfix is installed oval:org.secpod.oval:def:601411 postfix is installed oval:org.secpod.oval:def:500275 Postfix is a Mail Transport Agent , supporting LDAP, SMTP AUTH , and TLS. It was discovered that Postfix did not flush the received SMTP commands buffer after switching to TLS encryption for an SMTP session. A man-in-the-middle attacker could use this flaw to inject SMTP commands into a victim"s ses ... oval:org.secpod.oval:def:201663 Postfix is a Mail Transport Agent , supporting LDAP, SMTP AUTH , and TLS. A heap-based buffer over-read flaw was found in the way Postfix performed SASL handlers management for SMTP sessions, when Cyrus SASL authentication was enabled. A remote attacker could use this flaw to cause the Postfix smtpd ... oval:org.secpod.oval:def:600524 Several vulnerabilities were discovered in Postfix, a mail transfer agent. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-2939 The postinst script grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct sy ... oval:org.secpod.oval:def:1503441 Updated postfix packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available ... oval:org.secpod.oval:def:201516 Postfix is a Mail Transport Agent , supporting LDAP, SMTP AUTH , and TLS. A heap-based buffer over-read flaw was found in the way Postfix performed SASL handlers management for SMTP sessions, when Cyrus SASL authentication was enabled. A remote attacker could use this flaw to cause the Postfix smtpd ... oval:org.secpod.oval:def:500072 Postfix is a Mail Transport Agent , supporting LDAP, SMTP AUTH , and TLS. A heap-based buffer over-read flaw was found in the way Postfix performed SASL handlers management for SMTP sessions, when Cyrus SASL authentication was enabled. A remote attacker could use this flaw to cause the Postfix smtpd ... oval:org.secpod.oval:def:1503378 Updated postfix packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is ... oval:org.secpod.oval:def:3301779 Security update for postfix oval:org.secpod.oval:def:89049818 This update for postfix fixes the following issues: Security fixes: * CVE-2023-32182: Fixed config_postfix SUSE specific script using potentially bad /tmp file . Other fixes: * postfix: config.postfix causes too tight permission on main.cf . oval:org.secpod.oval:def:89049417 This update for postfix fixes the following issues: Security fixes: * CVE-2023-32182: Fixed config_postfix SUSE specific script using potentially bad /tmp file . Other fixes: * postfix: config.postfix causes too tight permission on main.cf . oval:org.secpod.oval:def:89049312 This update for postfix fixes the following issues: * CVE-2023-32182: Fixed config_postfix SUSE specific script potentially bad /tmp file usage . * Update to from 3.7.2 to 3.7.3: * Fixes a bug where some messages were not delivered after 'warning: Unexpected record type "X" oval:org.secpod.oval:def:89051324 This update for postfix fixes the following issues: * CVE-2023-51764: Fixed SMTP smuggling attack . oval:org.secpod.oval:def:708740 postfix: High-performance mail transport agent Details: USN-6591-1 fixed vulnerabilities in Postfix. A fix with less risk of regression has been made available since the last update. This update updates the fix and aligns with the latest configuration guidelines regarding this vulnerability. We apol ... oval:org.secpod.oval:def:19500583 Postfix through 3.8.4 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking . Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an ... oval:org.secpod.oval:def:89051318 This update for postfix fixes the following issues: * CVE-2023-51764: Fixed new SMTP smuggling attack . oval:org.secpod.oval:def:1702055 Postfix through 3.8.4 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking . Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an ... oval:org.secpod.oval:def:3302219 Security update for postfix oval:org.secpod.oval:def:708714 postfix: High-performance mail transport agent Postfix could allow bypass of email authentication if it received specially crafted network traffic. oval:org.secpod.oval:def:98671 postfix: High-performance mail transport agent Postfix could allow bypass of email authentication if it received specially crafted network traffic. oval:org.secpod.oval:def:98695 postfix: High-performance mail transport agent Details: USN-6591-1 fixed vulnerabilities in Postfix. A fix with less risk of regression has been made available since the last update. This update updates the fix and aligns with the latest configuration guidelines regarding this vulnerability. We apol ... oval:org.secpod.oval:def:89051726 This update for postfix fixes the following issues: * CVE-2023-51764: Prevent SMTP smuggling attack |