Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
postfix postfix vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-4977
postfix_groups.pl in Postfix 2.5.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/postfix_groups.stdout, (2) /tmp/postfix_groups.stderr, and (3) /tmp/postfix_groups.message temporary files. NOTE: the vendor disputes this vulnerability, statin...
Postfix Postfix 2.5.2
NA
CVE-2003-0540
The address parser code in Postfix 1.1.12 and previous versions allows remote malicious users to cause a denial of service (lock) via (1) a malformed envelope address to a local host that would generate a bounce and contains the ".!" string in the MAIL FROM or Errors-To...
Conectiva Linux 7.0
Conectiva Linux 8.0
Wietse Venema Postfix 1.0.21
Wietse Venema Postfix 1.1.11
Wietse Venema Postfix 1.1.12
Wietse Venema Postfix 2000-02-28
Wietse Venema Postfix 2001-11-15
Wietse Venema Postfix 1999-09-06
Wietse Venema Postfix 1999-12-31
2 EDB exploits
NA
CVE-2003-0468
Postfix 1.1.11 and previous versions allows remote malicious users to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which ...
Wietse Venema Postfix 2000-02-28
Wietse Venema Postfix 2001-11-15
Conectiva Linux 7.0
Conectiva Linux 8.0
Wietse Venema Postfix 1999-09-06
Wietse Venema Postfix 1999-12-31
Wietse Venema Postfix 1.0.21
Wietse Venema Postfix 1.1.11
NA
CVE-2001-0894
Vulnerability in Postfix SMTP server prior to 20010228-pl07, when configured to email the postmaster when SMTP errors cause the session to terminate, allows remote malicious users to cause a denial of service (memory exhaustion) by generating a large number of SMTP errors, which ...
Wietse Venema Postfix 2000-02-28
Wietse Venema Postfix 1999-09-06
Wietse Venema Postfix 1999-12-31
5.9
CVSSv3
CVE-2019-16791
In postfix-mta-sts-resolver prior to 0.5.1, All users can receive incorrect response from daemon under rare conditions, rendering downgrade of effective STS policy.
Postfix-mta-sts-resolver Project Postfix-mta-sts-resolver
5.3
CVSSv3
CVE-2023-51764
Postfix up to and including 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation tec...
Postfix Postfix
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
5 Github repositories
6.1
CVSSv3
CVE-2012-0812
PostfixAdmin 2.3.4 has multiple XSS vulnerabilities
Postfix Admin Project Postfix Admin 2.3.4
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
NA
CVE-2005-0337
Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions, allows remote malicious users to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname.
Wietse Venema Postfix 2.1.3
Redhat Enterprise Linux 4.0
Suse Suse Linux 9.0
Suse Suse Linux 9.1
Suse Suse Linux 8.2
Suse Suse Linux 8.0
Suse Suse Linux 8.1
Redhat Enterprise Linux Desktop 4.0
Suse Suse Linux 9.2
NA
CVE-2007-3791
Buffer overflow in the w_read function in sockets.c in Cami Sardinha and Nigel Kukard policyd prior to 1.81 for Postfix allows remote malicious users to cause a denial of service and possibly execute arbitrary code via long SMTP commands. NOTE: some of these details are obtained ...
Policyd Policyd 1.71
Policyd Policyd 1.72
Policyd Policyd 1.73
Policyd Policyd 1.80
Policyd Policyd 1.74
Policyd Policyd 1.75
Policyd Policyd 1.70
Policyd Policyd 1.78
Policyd Policyd 1.79
Policyd Policyd 1.76
Policyd Policyd 1.77
NA
CVE-2005-1099
Multiple buffer overflows in the HandleChild function in server.c in Greylisting daemon (GLD) 1.3 and 1.4, when GLD is listening on a network interface, allow remote malicious users to execute arbitrary code.
Salim Gasmi Gld 1.3.1
Salim Gasmi Gld 1.4
Salim Gasmi Gld 1.0
Salim Gasmi Gld 1.1
Salim Gasmi Gld 1.2
Salim Gasmi Gld 1.3
3 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »