175 matches found
CVE-2009-3095
The modproxyftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pa...
Ubuntu 6.06 LTS / 7.10 / 8.04 LTS : hplip vulnerabilities (USN-674-1)
It was discovered that the hpssd tool of hplip did not validate privileges in the alert-mailing function. A local attacker could exploit this to gain privileges and send e-mail messages from the account of the hplip user. This update alters hplip behaviour by preventing users from setting alerts...
Serv-U < 7.4.0.0 Multiple Command Argument Handling DoS
Binary data 4810.prm...
Softalk IMAP Server DoS
IMAP APPEND command handling vulnerability...
hMailServer < 4.4.2 build 279 IMAP Command Handling Remote DoS
The remote host is running hMailServer, a mail server for Windows. By sending large amounts of data along with certain IMAP commands such as 'CREATE' or 'RENAME', an authenticated user may be able to crash the remote mail server. C Tenable Network Security, Inc. include"compat.inc"; if descriptio...
CVE-2007-4449
The CVE-2007-4449 entry details a denial-of-service condition in Toribash versions 2.71 and earlier caused by processing a command without a line feed character (shown via a SAY command). Connected records (NVD/CVE list) confirm the issue affects the server/client handling of long commands, enabl...
Buffer overflow
Multiple buffer overflows in E-Post Mail Server 4.10 and SPA-PRO Mail @Solomon 4.00 allow remote attackers to execute arbitrary code via a long username to the 1 AUTH PLAIN or 2 AUTH LOGIN SMTP commands, which is not properly handled by a EPSTRS.EXE or b SPA-RS.EXE; 3 a long username in the APOP...
[Full-disclosure] Prevx Pro 2005 - Multiple Vulnerabilities
Prevx Pro 2005 - Multiple Vulnerabilities ================================================= PROGRAM: PrevX Pro 2005 OMEPAGE: http://www.prevx.com DESCRIPTION ================================================= " Prevx Pro 2005 is the new ‘must have' security solution. Prevx Pro utilises the latest...
FreeBSD : a2ps -- insecure command line argument handling (4)
The following package needs to be updated: a2ps-a4 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg8091fceaf35e11d881b0000347a4fa7d.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...
SurgeMail < 3.9g2-2 IMAP Command Handling Unspecified DoS
Binary data 4555.prm...
Titan FTP Server 3.0 - 'LIST' Denial of Service
source: https://www.securityfocus.com/bid/10272/info Titan FTP is prone to a remote denial of service vulnerability when handling the 'LIST' command. A remote attacker can cause the FTP server to crash by improperly handling a non-existent socket. !/usr/bin/perl Test for Titan FTP server security...
Sami FTP Server Multiple DoS
The remote host is running SAMI FTP server. There is a bug in the way this server handles certain FTP command requests that may allow an attacker to crash the affected service. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid12061; scriptversion"1.23";...
MDaemon POP Server Multiple Command Remote Overflow DoS
According to its banner, the remote POP server has a denial of service vulnerability. Input to the DELE and UIDL commands are not properly handled. A remote, authenticated attacker could exploit this to crash the POP service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
CVE-2000-0645
WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by using the RESTART REST command and writing beyond the end of a file, or writing to a file that does not exist, via commands such as STORE UNIQUE STOU, STORE STOR, or APPEND APPE...
Ray Chan WWW Authorization Gateway 0.1 - Command Execution
Ray Chan WWW Authorization Gateway 0.1 - Command Execution source: https://www.securityfocus.com/bid/152/info A vulnerability exists in the WWW Authorization Gateway program written by Ray Chan. Version 1.0 fails to eliminate characters with special meaning to the shell prior to executing a...