Security Advisory

CVE-2010-3292

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-11-12 20:37:57

Last updated 2024-08-07 03:03:18

Assigner redhat

State PUBLISHED

Description

The update{_bad,}_phishing_sites scripts in mailscanner 4.79.11-2 downloads files and trusts them without using encryption (e.g., https) or digital signature checking which could allow an attacker to replace certain configuration files (e.g., phishing whitelist) via dns/packet spoofing.

← Browse all CVEs View on cve.org ↗