In s/qmail through 4.0.07, an active MitM can inject arbitrary plaintext commands into a STARTTLS encrypted session between an SMTP client and s/qmail. This allows e-mail messages and user credentials to be sent to the MitM...
5.9CVSS
7.6AI Score
0.001EPSS
7.4AI Score
0.018EPSS
Denial of service in Qmail by specifying a large number of recipients with the RCPT...
7.3AI Score
0.001EPSS