Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
postfix vulnerabilities and exploits
(subscribe to this query)
614
VMScore
CVE-2008-4977
postfix_groups.pl in Postfix 2.5.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/postfix_groups.stdout, (2) /tmp/postfix_groups.stderr, and (3) /tmp/postfix_groups.message temporary files. NOTE: the vendor disputes this vulnerability, statin...
Postfix Postfix 2.5.2
510
VMScore
CVE-2003-0540
The address parser code in Postfix 1.1.12 and previous versions allows remote malicious users to cause a denial of service (lock) via (1) a malformed envelope address to a local host that would generate a bounce and contains the ".!" string in the MAIL FROM or Errors-To...
Conectiva Linux 7.0
Conectiva Linux 8.0
Wietse Venema Postfix 1.0.21
Wietse Venema Postfix 1.1.11
Wietse Venema Postfix 1.1.12
Wietse Venema Postfix 2000-02-28
Wietse Venema Postfix 2001-11-15
Wietse Venema Postfix 1999-09-06
Wietse Venema Postfix 1999-12-31
2 EDB exploits
445
VMScore
CVE-2003-0468
Postfix 1.1.11 and previous versions allows remote malicious users to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which ...
Wietse Venema Postfix 2000-02-28
Wietse Venema Postfix 2001-11-15
Conectiva Linux 7.0
Conectiva Linux 8.0
Wietse Venema Postfix 1999-09-06
Wietse Venema Postfix 1999-12-31
Wietse Venema Postfix 1.0.21
Wietse Venema Postfix 1.1.11
445
VMScore
CVE-2001-0894
Vulnerability in Postfix SMTP server prior to 20010228-pl07, when configured to email the postmaster when SMTP errors cause the session to terminate, allows remote malicious users to cause a denial of service (memory exhaustion) by generating a large number of SMTP errors, which ...
Wietse Venema Postfix 2000-02-28
Wietse Venema Postfix 1999-09-06
Wietse Venema Postfix 1999-12-31
383
VMScore
CVE-2019-16791
In postfix-mta-sts-resolver prior to 0.5.1, All users can receive incorrect response from daemon under rare conditions, rendering downgrade of effective STS policy.
Postfix-mta-sts-resolver Project Postfix-mta-sts-resolver
NA
CVE-2023-51764
Postfix up to and including 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation tec...
Postfix Postfix
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
5 Github repositories
383
VMScore
CVE-2012-0812
PostfixAdmin 2.3.4 has multiple XSS vulnerabilities
Postfix Admin Project Postfix Admin 2.3.4
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
668
VMScore
CVE-2005-0337
Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions, allows remote malicious users to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname.
Wietse Venema Postfix 2.1.3
Redhat Enterprise Linux 4.0
Suse Suse Linux 9.0
Suse Suse Linux 9.1
Suse Suse Linux 8.2
Suse Suse Linux 8.0
Suse Suse Linux 8.1
Redhat Enterprise Linux Desktop 4.0
Suse Suse Linux 9.2
668
VMScore
CVE-2007-3791
Buffer overflow in the w_read function in sockets.c in Cami Sardinha and Nigel Kukard policyd prior to 1.81 for Postfix allows remote malicious users to cause a denial of service and possibly execute arbitrary code via long SMTP commands. NOTE: some of these details are obtained ...
Policyd Policyd 1.71
Policyd Policyd 1.72
Policyd Policyd 1.73
Policyd Policyd 1.80
Policyd Policyd 1.74
Policyd Policyd 1.75
Policyd Policyd 1.70
Policyd Policyd 1.78
Policyd Policyd 1.79
Policyd Policyd 1.76
Policyd Policyd 1.77
1000
VMScore
CVE-2005-1099
Multiple buffer overflows in the HandleChild function in server.c in Greylisting daemon (GLD) 1.3 and 1.4, when GLD is listening on a network interface, allow remote malicious users to execute arbitrary code.
Salim Gasmi Gld 1.3.1
Salim Gasmi Gld 1.4
Salim Gasmi Gld 1.0
Salim Gasmi Gld 1.1
Salim Gasmi Gld 1.2
Salim Gasmi Gld 1.3
3 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »