CVE-2012-0811

Published Oct 1, 2014
Last updated 10 years ago
CVSS info 6.5
Overview

Description: Multiple SQL injection vulnerabilities in Postfix Admin (aka postfixadmin) before 2.3.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the pw parameter to the pacrypt function, when mysql_encrypt is configured, or (2) unspecified vectors that are used in backup files generated by backup.php.
Source: secalert@redhat.com
NVD status: Analyzed
Risk scores

CVSS 2.0

Type: Primary
Base score: 6.5
Impact score: 6.4
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: CWE-89
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "23A80121-F089-4DE1-8086-7454D66E8FEA",
            "versionEndIncluding": "2.3.4"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB5D16A3-59DA-407B-82E4-65C39EBD3710"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E5DF3A2-5F47-4D2A-802B-CE53872DDEFF"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1A7A4BE9-7CBE-404F-B577-933AC26E6E81"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8872C496-2430-4EA6-B417-51C6877B874A"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB9646BA-E57D-4E1D-BF1A-FA137CA00ED8"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66B95D87-5B0B-48F6-8379-2521CFDE7CA9"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A09799F5-6084-4F06-B851-4FEA7873BF35"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9230082E-FE88-4001-A614-43E8DD76471B"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "258010A6-6B75-4663-AD5C-E7AD48B38DEE"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "602E668A-1343-457B-B0E1-CAB3CCA05BD1"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.0.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83C3C7F7-016F-458B-B40D-E06080552045"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.0.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE51A934-BFD2-4E61-9827-A934995BDCAB"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.0.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BDF57DB8-3D17-4868-9FDF-81A0645FBC5A"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.0.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1BDE9CC6-A7C7-4B0E-A341-E441EF9C33FB"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.0.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7D7ECFA4-01CF-4C44-949D-7781767B724A"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.0.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A568A8FC-7BB0-431B-8BFE-1BF28DD545B2"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.0.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B2273956-8CEB-439E-8841-953580AE673D"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.0.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E074865-92E2-4AFC-8542-00273FDFACEC"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.0.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1274628A-B6F8-48DA-A7B0-7629362A0383"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.0.19:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4FAE9B3D-C867-4100-9F1A-1A925E6BCA2A"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "123ED520-D9A9-457E-B0FF-2164678F2FDA"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F03CC36-4E01-4298-8BF2-208EC2126E2D"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DA763611-3C94-40EB-AC16-F6860FCBFDAC"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E8725859-159E-49A5-91F2-12A6B300AE76"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D3B5347-F7FD-4291-8535-9D71F9F49568"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2750F62-79D5-41ED-8624-4DC36A23A03D"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C1D09CC9-07C8-42C7-B7B2-25251C8615A8"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F28A5B6A-466B-4B24-9BD4-9DE15642A724"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C8E7B624-C991-4EA1-A977-6C06F57B4E2F"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E899C1C0-18D1-43DE-BC55-C3C14F5395D2"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "05F2CA7C-1BCE-4EBB-BFAA-6C27F03CAC9B"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "903BF741-FD7E-41F7-802D-88A09B7EFFFF"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F0A444A-E6FE-4585-BA6C-6061A87C6144"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "161082B7-A757-496C-9D35-681851CEA10B"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.2.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B02E2034-BB39-4B86-81CA-3BB93A4E4849"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.2.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "29CF0FA6-F4F6-4A4B-89A6-057F835FFE89"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.2.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0055B0EA-775F-4670-A3F9-C1676DBB97D5"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.2.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "363704AE-66A9-4B58-A57E-47748F299471"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.2.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5226F933-9FB6-4BF6-AC3B-1A22D22F92F7"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.2.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0066AE84-D27D-4E9B-851B-40EDFD07C0BB"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2B739C7B-93CC-4367-B006-E8A721ECBCF2"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BAE8A81E-3856-4908-B7B7-9CF511CA2A21"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B935272-1EC7-4C70-8299-9DC7594809EE"
          },
          {
            "criteria": "cpe:2.3:a:postfix:postfix:2.3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1647690F-D015-4DC4-9FB7-F5E9F0C430D9"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
