CVE-2012-0811

{"id": "CVE-2012-0811", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-10-01T14:55:10.120", "references": [{"url": "http://www.codseq.it/advisories/multiple_vulnerabilities_in_postfixadmin", "tags": ["Exploit"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2012/01/26/5", "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2012/01/27/5", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/51680", "source": "secalert@redhat.com"}, {"url": "https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3/CHANGELOG.TXT", "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "Multiple SQL injection vulnerabilities in Postfix Admin (aka postfixadmin) before 2.3.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the pw parameter to the pacrypt function, when mysql_encrypt is configured, or (2) unspecified vectors that are used in backup files generated by backup.php."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de inyecci\u00f3n SQL en Postfix Admin (tambi\u00e9n conocido como postfixadmin) anterior a 2.3.5 permiten a usuarios remotos autenticados ejecutar comandos SQL a trav\u00e9s de (1) el par\u00e1metro pw en la funci\u00f3n pacrypt, cuando mysql_encrypt est\u00e1 configurado, o (2) vectores no especificados que se utilizan en los ficheros de las copias de seguridad generados por backup.php."}], "lastModified": "2014-10-02T16:39:19.863", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "23A80121-F089-4DE1-8086-7454D66E8FEA", "versionEndIncluding": "2.3.4"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB5D16A3-59DA-407B-82E4-65C39EBD3710"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E5DF3A2-5F47-4D2A-802B-CE53872DDEFF"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A7A4BE9-7CBE-404F-B577-933AC26E6E81"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8872C496-2430-4EA6-B417-51C6877B874A"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB9646BA-E57D-4E1D-BF1A-FA137CA00ED8"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66B95D87-5B0B-48F6-8379-2521CFDE7CA9"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A09799F5-6084-4F06-B851-4FEA7873BF35"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9230082E-FE88-4001-A614-43E8DD76471B"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "258010A6-6B75-4663-AD5C-E7AD48B38DEE"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.0.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "602E668A-1343-457B-B0E1-CAB3CCA05BD1"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.0.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83C3C7F7-016F-458B-B40D-E06080552045"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.0.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE51A934-BFD2-4E61-9827-A934995BDCAB"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.0.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BDF57DB8-3D17-4868-9FDF-81A0645FBC5A"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.0.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1BDE9CC6-A7C7-4B0E-A341-E441EF9C33FB"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.0.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D7ECFA4-01CF-4C44-949D-7781767B724A"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.0.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A568A8FC-7BB0-431B-8BFE-1BF28DD545B2"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.0.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B2273956-8CEB-439E-8841-953580AE673D"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.0.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E074865-92E2-4AFC-8542-00273FDFACEC"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.0.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1274628A-B6F8-48DA-A7B0-7629362A0383"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.0.19:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4FAE9B3D-C867-4100-9F1A-1A925E6BCA2A"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "123ED520-D9A9-457E-B0FF-2164678F2FDA"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F03CC36-4E01-4298-8BF2-208EC2126E2D"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA763611-3C94-40EB-AC16-F6860FCBFDAC"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8725859-159E-49A5-91F2-12A6B300AE76"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D3B5347-F7FD-4291-8535-9D71F9F49568"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2750F62-79D5-41ED-8624-4DC36A23A03D"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1D09CC9-07C8-42C7-B7B2-25251C8615A8"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F28A5B6A-466B-4B24-9BD4-9DE15642A724"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C8E7B624-C991-4EA1-A977-6C06F57B4E2F"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E899C1C0-18D1-43DE-BC55-C3C14F5395D2"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05F2CA7C-1BCE-4EBB-BFAA-6C27F03CAC9B"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "903BF741-FD7E-41F7-802D-88A09B7EFFFF"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.2.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F0A444A-E6FE-4585-BA6C-6061A87C6144"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.2.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "161082B7-A757-496C-9D35-681851CEA10B"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.2.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B02E2034-BB39-4B86-81CA-3BB93A4E4849"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.2.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "29CF0FA6-F4F6-4A4B-89A6-057F835FFE89"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.2.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0055B0EA-775F-4670-A3F9-C1676DBB97D5"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.2.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "363704AE-66A9-4B58-A57E-47748F299471"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.2.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5226F933-9FB6-4BF6-AC3B-1A22D22F92F7"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.2.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0066AE84-D27D-4E9B-851B-40EDFD07C0BB"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B739C7B-93CC-4367-B006-E8A721ECBCF2"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BAE8A81E-3856-4908-B7B7-9CF511CA2A21"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B935272-1EC7-4C70-8299-9DC7594809EE"}, {"criteria": "cpe:2.3:a:postfix:postfix:2.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1647690F-D015-4DC4-9FB7-F5E9F0C430D9"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}