RSS   Podatności dla 'Netqmail'   RSS

2020-05-26
 
CVE-2020-3812

CWE-200
 

 
qmail-verify as used in netqmail 1.06 is prone to an information disclosure vulnerability. A local attacker can test for the existence of files and directories anywhere in the filesystem because qmail-verify runs as root and tests for the existence of files in the attacker's home directory, without dropping its privileges first.

 
 
CVE-2020-3811

CWE-20
 

 
qmail-verify as used in netqmail 1.06 is prone to a mail-address verification bypass vulnerability.

 


Copyright 2024, cxsecurity.com

 

Back to Top