relay software vulnerabilities

Searching relay software vulnerabilities

A mail server is explicitly configured to allow

A mail server is explicitly configured to allow SMTP mail relay, which allows abuse by spammers.

US Robotics/3Com Total Control Chassis with Fra

US Robotics/3Com Total Control Chassis with Frame Relay between 3.6.22 and 3.7.24 does not properly enforce access filters when the "set host prompt" setting is made for a port, which allows attackers to bypass restrictions by providing the hostname twice at the "host: " prompt.

Open Projects Network Internet Relay Chat (IRC)

Open Projects Network Internet Relay Chat (IRC) daemon u2.10.05.18 does not perform a double-reverse DNS lookup, which allows remote attackers to spoof any valid hostname on the Internet. NOTE: a followup post suggests that this is not an issue in the daemon.

Domain Name Relay Daemon (dnrd) 2.10 and earlie

Daemon | Domain | Relay | Name |

Domain Name Relay Daemon (dnrd) 2.10 and earlier allows remote malicious DNS sites to cause a denial of service and possibly execute arbitrary code via a long or malformed DNS reply, which is not handled properly by parse_query, get_objectname, and possibly other functions.

IBM AIX 5.2 and earlier distributes Sendmail wi

IBM AIX 5.2 and earlier distributes Sendmail with a configuration file (sendmail.cf) with the (1) promiscuous_relay, (2) accept_unresolvable_domains, and (3) accept_unqualified_senders features enabled, which allows Sendmail to be used as an open mail relay for sending spam e-mail.

Venturi Client before 2.2, as used in certain F

Venturi Client before 2.2, as used in certain Fourelle and Venturi Wireless products, can be used as an open proxy for various protocols, including an open relay for SMTP, which allows it to be abused by spammers.

FreeScripts VisitorBook LE (visitorbook.pl) doe

VisitorBook | FreeScripts |

FreeScripts VisitorBook LE (visitorbook.pl) does not properly escape line breaks in input, which allows remote attackers to (1) use VisitorBook as an open mail relay, when $mailuser is 1, via extra headers in the email field, or (2) cause the guestbook database to be deleted via a large number of line breaks that exceeds the $max_posts variable.

Sendmail before 8.12.3 on Debian GNU/Linux, whe

Sendmail | before |

Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages.

Buffer overflow in qwik-smtpd allows remote att

Buffer overflow in qwik-smtpd allows remote attackers to use the server as an SMTP spam relay via a long HELO command, which overwrites the adjacent localIP data buffer.

Barracuda Spam Firewall 3.1.10 and earlier does

Barracuda | Firewall | Spam |

Barracuda Spam Firewall 3.1.10 and earlier does not restrict the domains that white-listed domains can send mail to, which allows members of white-listed domains to use Barracuda as an open mail relay for spam.

Buffer overflow in Domain Name Relay Daemon (DN

Buffer overflow in Domain Name Relay Daemon (DNRD) before 2.19.1 allows remote attackers to execute arbitrary code via a large number of large DNS packets with the Z and QR flags cleared.

Domain Name Relay Daemon (DNRD) before 2.19.1 a

Daemon | Domain | Relay | Name |

Domain Name Relay Daemon (DNRD) before 2.19.1 allows remote attackers to cause a denial of service (infinite recursion) via a DNS packet that uses message compression in the QNAME and two pointers that point to each other (circular buffer).

CRLF injection vulnerability in thesitewizard.c

CRLF injection vulnerability in thesitewizard.com chfeedback.pl Feedback Form Perl Script 2.0.1 allows remote attackers to use the script as a mail relay (spam proxy) via CRLF sequences in the (1) name or (2) email fields, which are injected into mail headers.

Free SMTP Server 2.2 allows remote attackers to

Free SMTP Server 2.2 allows remote attackers to use the server as an open mail relay (spam proxy).

DISPUTED Tor before 0.1.1.20 kills the c

DISPUTED | before | Tor |

** DISPUTED ** Tor before 0.1.1.20 kills the circuit when it receives an unrecognized relay command, which causes network circuits to be disbanded. NOTE: while this item is listed under the "Security fixes" section of the developer changelog, the developer clarified on Friday, July 07, 2006 that this is only a self-DoS. Therefore this issue should not be included in CVE.

nu_mail.inc.php in Andreas Kansok phPay 2.02 an

nu_mailincphp | Andreas | Kansok | phPay |

nu_mail.inc.php in Andreas Kansok phPay 2.02 and 2.02.1, when register_globals is enabled, allows remote attackers to use the server as an open mail relay via modified mail_text2, user_row[5], nu_mail_1, and shop_mail parameters. NOTE: some of these details are obtained from third party information.

Premium Antispam in Symantec Mail Security for

Premium Antispam in Symantec Mail Security for Domino Server 5.1.x before 5.1.2.28 does not filter certain SMTP address formats, which allows remote attackers to use the product as a spam relay.

KsIRC 1.3.12 allows remote attackers to cause a

KsIRC |

KsIRC 1.3.12 allows remote attackers to cause a denial of service (crash) via a long PRIVMSG string when connecting to an Internet Relay Chat (IRC) server, which causes an assertion failure and results in a NULL pointer dereference. NOTE: this issue was originally reported as a buffer overflow.

The DHCP relay agent in Cisco Adaptive Security

The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 allows remote attackers to cause a denial of service (dropped packets) via a DHCPREQUEST or DHCPINFORM message that causes multiple DHCPACK messages to be sent from DHCP servers to the agent, which consumes the memory allocated for a local buffer. NOTE: this issue only occurs when multiple DHCP servers are used.

Software vulnerabilities results 1 to 20 of 20

Page: 12 ►

relay software vulnerabilities

vulnerabilities.aspcode.net

Searching relay software vulnerabilities