814 matches found
SpamAssassin: Execution of arbitrary code
Background SpamAssassin is an extensible email filter used to identify junk email. spamd is the daemonized version of SpamAssassin. Description When spamd is run with both the "--vpopmail" -v and "--paranoid" -P options, it is vulnerable to an unspecified issue. Impact With certain configuration...
CVE-2006-2447
SpamAssassin before 3.1.3, when running with vpopmail and the paranoid -P switch, allows remote attackers to execute arbitrary commands via a crafted message that is not properly handled when invoking spamd with the virtual pop username...
security flaw
SpamAssassin before 3.1.3, when running with vpopmail and the paranoid -P switch, allows remote attackers to execute arbitrary commands via a crafted message that is not properly handled when invoking spamd with the virtual pop username...
Preemptive Protection against Microsoft Distributed Transaction Coordinator Vulnerability (MS06-018)
Microsoft Distributed Transaction Coordinator MSDTC is a system service that coordinates transactions for Microsoft Windows platforms. A vulnerability was detected in the MDTC, allowing a remote attacker with the ability to send a crafted message to cause an affected system to stop responding...
CVE-2006-2075
CVE-2006-2075 concerns an unspecified vulnerability in MyDNS 1.1.0 that allows remote attackers to cause a denial of service by sending a crafted DNS message, popularly known as the “Query-of-death,” as demonstrated by the OUSPG PROTOS DNS test suite. The available connected documents confirm the...
CVE-2006-2073
CVE-2006-2073 concerns an unspecified vulnerability in ISC BIND (DNS server) where remote attackers can cause a denial of service by sending a crafted DNS message containing a “broken” TSIG. The description notes this was demonstrated with the OUSPG PROTOS DNS test suite. The available documents ...
CVE-2005-3183
The HTBoundaryputblock function in HTBound.c for W3C libwww w3c-libwww allows remote servers to cause a denial of service segmentation fault via a crafted multipart/byteranges MIME message that triggers an out-of-bounds read...
PT-2005-1103 · Dan Bernstein +2 · Qmail +2
Name of the Vulnerable Software and Affected Versions: qmail affected versions not specified Description: The issue is caused by an integer overflow in the stralloc readyplus function in qmail. This allows remote attackers to cause a denial of service and possibly execute arbitrary code via a lar...
RHEL 3 / 4 : gaim (RHSA-2005:429)
An updated gaim package that fixes two security issues is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. The Gaim application is a multi-protocol instant messaging client. A stack based buffer overflow bug was found in the way...
CVE-2005-0059
Buffer overflow in the Message Queuing component of Microsoft Windows 2000 and Windows XP SP1 allows remote attackers to execute arbitrary code via a crafted message...
DEBIAN-CVE-2005-0108
Apache modauthradius 1.5.4 and libpam-radius-auth allow remote malicious RADIUS servers to cause a denial of service crash via a RADIUSREPLYMESSAGE with a RADIUS attribute length of 1, which leads to a memcpy operation with a -1 length argument...
CVE-2004-1282
Buffer overflow in the strexpand function in string.c for LinPopUp 1.2.0 allows remote attackers to execute arbitrary code via a crafted message that is not properly handled during a Reply operation...
CVE-2004-1282
CVE-2004-1282 affects Linpopup (LinPopUp) 1.2.0 and is caused by a buffer overflow in string.c during reply handling, allowing remote code execution. Public sources confirm Linpopup vulnerability and provide fixed packages: Debian DSA-632-1 states the fix in linpopup 1.2.0-2woody1 (woody) and 1.2...
Critical: Red Hat Security Advisory: : Updated sendmail packages fix critical security issues
Updated Sendmail packages are available to fix a vulnerability that may allow remote attackers to gain root privileges by sending a carefully crafted message. These packages also fix a security bug if sendmail is configured to use smrsh. Sendmail is a widely used Mail Transport Agent MTA which is...