Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
postfix postfix 2.5.5 vulnerabilities and exploits
(subscribe to this query)
614
VMScore
CVE-2009-2939
The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files.
Postfix Postfix 2.5.5
605
VMScore
CVE-2011-0411
The STARTTLS implementation in Postfix 2.4.x prior to 2.4.16, 2.5.x prior to 2.5.12, 2.6.x prior to 2.6.9, and 2.7.x prior to 2.7.3 does not properly restrict I/O buffering, which allows man-in-the-middle malicious users to insert commands into encrypted SMTP sessions by sending ...
Postfix Postfix 2.4
Postfix Postfix 2.4.4
Postfix Postfix 2.4.0
Postfix Postfix 2.4.9
Postfix Postfix 2.4.8
Postfix Postfix 2.4.6
Postfix Postfix 2.4.5
Postfix Postfix 2.4.14
Postfix Postfix 2.4.15
Postfix Postfix 2.4.3
Postfix Postfix 2.4.2
Postfix Postfix 2.4.10
Postfix Postfix 2.4.11
Postfix Postfix 2.4.1
Postfix Postfix 2.4.7
Postfix Postfix 2.4.12
Postfix Postfix 2.4.13
Postfix Postfix 2.5.0
Postfix Postfix 2.5.8
Postfix Postfix 2.5.9
Postfix Postfix 2.5.6
Postfix Postfix 2.5.7
187
VMScore
CVE-2008-3889
Postfix 2.4 prior to 2.4.9, 2.5 prior to 2.5.5, and 2.6 prior to 2.6-20080902, when used with the Linux 2.6 kernel, leaks epoll file descriptors during execution of "non-Postfix" commands, which allows local users to cause a denial of service (application slowdown or ex...
Postfix Postfix 2.4
Postfix Postfix 2.4.0
Postfix Postfix 2.4.7
Postfix Postfix 2.5.1
Postfix Postfix 2.4.5
Postfix Postfix 2.4.6
Postfix Postfix 2.4.1
Postfix Postfix 2.4.2
Postfix Postfix 2.5.2
Postfix Postfix 2.5.3
Postfix Postfix 2.4.3
Postfix Postfix 2.4.4
Postfix Postfix 2.4.8
Postfix Postfix 2.6
710
VMScore
CVE-2011-1720
The SMTP server in Postfix prior to 2.5.13, 2.6.x prior to 2.6.10, 2.7.x prior to 2.7.4, and 2.8.x prior to 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which allows remote malicious user...
Postfix Postfix 2.3.16
Postfix Postfix 2.3.18
Postfix Postfix 2.0.10
Postfix Postfix 2.4.10
Postfix Postfix 2.5.0
Postfix Postfix 2.4
Postfix Postfix 2.3.11
Postfix Postfix 2.0.14
Postfix Postfix 2.0.17
Postfix Postfix 2.2.7
Postfix Postfix 2.0.16
Postfix Postfix 2.3.6
Postfix Postfix 2.1.5
Postfix Postfix 2.5.9
Postfix Postfix 2.3.0
Postfix Postfix 2.0.6
Postfix Postfix 2.2.4
Postfix Postfix 2.0.15
Postfix Postfix 2.5.2
Postfix Postfix 2.4.15
Postfix Postfix 2.5.12
Postfix Postfix 2.4.0
2 Nmap scripts
1 Github repository
NA
CVE-2008-4042
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-3889. Reason: This candidate is a duplicate of CVE-2008-3889. Notes: All CVE users should reference CVE-2008-3889 instead of this candidate. All references and descriptions in this candidate have been removed...
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started