53 matches found
CVE-2002-1652
CVE-2002-1652 concerns CGIEmail’s CGICso (cgicso.c) in CGIEmail 1.6. The issue is a buffer overflow in cgicso.c triggered by a long query parameter, leading to remote denial of service and the possibility of arbitrary code execution. The OpenVAS entry corroborates a vulnerability in CGIEmail’s cg...
CVE-2002-1652
Buffer overflow in cgicso.c for cgiemail 1.6 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long query parameter...
Debian DSA-437-1 : cgiemail - open mail relay
A vulnerability was discovered in cgiemail, a CGI program used to email the contents of an HTML form, whereby it could be used to send email to arbitrary addresses. This type of vulnerability is commonly exploited to send unsolicited commercial email spam. %NASLMINLEVEL 70300 C Tenable Network...
CVE-2002-1575
cgiemail allows remote attackers to use cgiemail as a spam proxy via CRLF injection of encoded newline %0a characters in parameters such as "required-subject," which can be used to modify the CC, BCC, and other header fields in the generated email message...
[SECURITY] [DSA 437-1] New cgiemail packages fix open mail relaying
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 437-1 [email protected] http://www.debian.org/security/ Matt Zimmerman February 11th, 2004 http://www.debian.org/security/faq -...
[SECURITY] [DSA 437-1] New cgiemail packages fix open mail relaying
-------------------------------------------------------------------------- Debian Security Advisory DSA 437-1 [email protected] http://www.debian.org/security/ Matt Zimmerman February 11th, 2004 http://www.debian.org/security/faq -...
CVE-2002-1575
The CVE-2002-1575 entry concerns cgiemail, a CGI form-mail utility. The vulnerability enables remote attackers to use cgiemail as a spam proxy via CRLF injection of encoded newline characters in parameters (e.g., required-subject), allowing modification of CC/BCC/header fields in generated emails...
CVE-2002-1575
cgiemail allows remote attackers to use cgiemail as a spam proxy via CRLF injection of encoded newline %0a characters in parameters such as "required-subject," which can be used to modify the CC, BCC, and other header fields in the generated email message...
DSA-437 cgiemail - open mail relay
Bulletin has no description...
CVE-2002-1652
Buffer overflow in cgicso.c for cgiemail 1.6 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long query parameter...
cgiemail web-based email system does not adequately validate user input thereby causing buffer overflow in cgisco.c
Overview There exists a buffer overflow vulnerability in cgiemail that allows execution of arbitrary code. Description cgiemail is a CGI program maintained that composes data submitted on Web forms into email messages. The cgicso.c component of the web-based email system cgiemail contains a buffe...
CGIEmail 1.6 - Remote Buffer Overflow
CGIEmail 1.6 - Remote Buffer Overflow // source: https://www.securityfocus.com/bid/6141/info A vulnerability has been discovered in CGIEmail. It should be noted that this vulnerability exists only if the server allows queries to remote hosts. A remotely exploitable buffer overflow has been...
CGIEmail 1.6 - Remote Buffer Overflow
// source: https://www.securityfocus.com/bid/6141/info A vulnerability has been discovered in CGIEmail. It should be noted that this vulnerability exists only if the server allows queries to remote hosts. A remotely exploitable buffer overflow has been discovered in a component included with...