Max CVSS 6.9 Min CVSS 6.8 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2011-0411 6.8
The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x before 2.5.12, 2.6.x before 2.6.9, and 2.7.x before 2.7.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sess
10-08-2021 - 12:15 16-03-2011 - 22:55
CVE-2011-1720 6.8
The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which allows
09-10-2018 - 19:31 13-05-2011 - 17:05
CVE-2009-2939 6.9
The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files.
24-08-2011 - 03:02 21-09-2009 - 19:30
Back to Top Mark selected
Back to Top