Unrated severityNVD Advisory· Published Nov 12, 2019· Updated Aug 7, 2024
CVE-2010-3292
CVE-2010-3292
Description
The update{_bad,}_phishing_sites scripts in mailscanner 4.79.11-2 downloads files and trusts them without using encryption (e.g., https) or digital signature checking which could allow an attacker to replace certain configuration files (e.g., phishing whitelist) via dns/packet spoofing.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2=4.79.11-2+ 1 more
- (no CPE)range: =4.79.11-2
- (no CPE)range: 4.79.11-2
Patches
Vulnerability mechanics
References
4- access.redhat.com/security/cve/cve-2010-3292mitrex_refsource_MISC
- bugs.debian.org/cgi-bin/bugreport.cgimitrex_refsource_MISC
- security-tracker.debian.org/tracker/CVE-2010-3292mitrex_refsource_MISC
- www.openwall.com/lists/oss-security/2010/09/13/9mitremailing-listx_refsource_MLIST
News mentions
0No linked articles in our index yet.