Lucene search
K

814 matches found

Gentoo Linux
Gentoo Linux
added 2006/06/11 12:0 a.m.27 views

SpamAssassin: Execution of arbitrary code

Background SpamAssassin is an extensible email filter used to identify junk email. spamd is the daemonized version of SpamAssassin. Description When spamd is run with both the "--vpopmail" -v and "--paranoid" -P options, it is vulnerable to an unspecified issue. Impact With certain configuration...

5.1CVSS7AI score0.74703EPSS
Exploits12
UbuntuCve
UbuntuCve
added 2006/06/06 9:6 p.m.18 views

CVE-2006-2447

SpamAssassin before 3.1.3, when running with vpopmail and the paranoid -P switch, allows remote attackers to execute arbitrary commands via a crafted message that is not properly handled when invoking spamd with the virtual pop username...

5.1CVSS6.2AI score0.74703EPSS
Exploits12References1
RedHat Linux
RedHat Linux
added 2006/06/06 5:8 p.m.6 views

security flaw

SpamAssassin before 3.1.3, when running with vpopmail and the paranoid -P switch, allows remote attackers to execute arbitrary commands via a crafted message that is not properly handled when invoking spamd with the virtual pop username...

5.1CVSS6.2AI score0.74703EPSS
Exploits12References4
Check Point Advisories
Check Point Advisories
added 2006/05/09 12:0 a.m.14 views

Preemptive Protection against Microsoft Distributed Transaction Coordinator Vulnerability (MS06-018)

Microsoft Distributed Transaction Coordinator MSDTC is a system service that coordinates transactions for Microsoft Windows platforms. A vulnerability was detected in the MDTC, allowing a remote attacker with the ability to send a crafted message to cause an affected system to stop responding...

7.5CVSS6AI score0.30542EPSS
Exploits0
CVE
CVE
added 2006/04/27 10:0 p.m.46 views

CVE-2006-2075

CVE-2006-2075 concerns an unspecified vulnerability in MyDNS 1.1.0 that allows remote attackers to cause a denial of service by sending a crafted DNS message, popularly known as the “Query-of-death,” as demonstrated by the OUSPG PROTOS DNS test suite. The available connected documents confirm the...

5CVSS6.5AI score0.02169EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2006/04/27 10:0 p.m.70 views

CVE-2006-2073

CVE-2006-2073 concerns an unspecified vulnerability in ISC BIND (DNS server) where remote attackers can cause a denial of service by sending a crafted DNS message containing a “broken” TSIG. The description notes this was demonstrated with the OUSPG PROTOS DNS test suite. The available documents ...

5CVSS7.2AI score0.07986EPSS
Exploits0References9Affected Software1
NVD
NVD
added 2005/10/12 10:2 p.m.18 views

CVE-2005-3183

The HTBoundaryputblock function in HTBound.c for W3C libwww w3c-libwww allows remote servers to cause a denial of service segmentation fault via a crafted multipart/byteranges MIME message that triggers an out-of-bounds read...

4.3CVSS6.2AI score0.02099EPSS
Exploits1References15
Positive Technologies
Positive Technologies
added 2005/05/11 12:0 a.m.6 views

PT-2005-1103 · Dan Bernstein +2 · Qmail +2

Name of the Vulnerable Software and Affected Versions: qmail affected versions not specified Description: The issue is caused by an integer overflow in the stralloc readyplus function in qmail. This allows remote attackers to cause a denial of service and possibly execute arbitrary code via a lar...

9.8CVSS7.4AI score0.10789EPSS
Exploits8References61
Tenable Nessus
Tenable Nessus
added 2005/05/11 12:0 a.m.31 views

RHEL 3 / 4 : gaim (RHSA-2005:429)

An updated gaim package that fixes two security issues is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. The Gaim application is a multi-protocol instant messaging client. A stack based buffer overflow bug was found in the way...

7.5CVSS6.4AI score0.12396EPSS
Exploits0References5
Cvelist
Cvelist
added 2005/04/13 4:0 a.m.38 views

CVE-2005-0059

Buffer overflow in the Message Queuing component of Microsoft Windows 2000 and Windows XP SP1 allows remote attackers to execute arbitrary code via a crafted message...

7.5AI score0.76803EPSS
Exploits10References3
OSV
OSV
added 2005/01/11 5:0 a.m.4 views

DEBIAN-CVE-2005-0108

Apache modauthradius 1.5.4 and libpam-radius-auth allow remote malicious RADIUS servers to cause a denial of service crash via a RADIUSREPLYMESSAGE with a RADIUS attribute length of 1, which leads to a memcpy operation with a -1 length argument...

5CVSS6.5AI score0.03446EPSS
Exploits1References1
NVD
NVD
added 2005/01/10 5:0 a.m.19 views

CVE-2004-1282

Buffer overflow in the strexpand function in string.c for LinPopUp 1.2.0 allows remote attackers to execute arbitrary code via a crafted message that is not properly handled during a Reply operation...

10CVSS7.7AI score0.09107EPSS
Exploits1References3
CVE
CVE
added 2004/12/22 5:0 a.m.51 views

CVE-2004-1282

CVE-2004-1282 affects Linpopup (LinPopUp) 1.2.0 and is caused by a buffer overflow in string.c during reply handling, allowing remote code execution. Public sources confirm Linpopup vulnerability and provide fixed packages: Debian DSA-632-1 states the fix in linpopup 1.2.0-2woody1 (woody) and 1.2...

10CVSS7.6AI score0.09107EPSS
Exploits1References3Affected Software1
RedHat Linux
RedHat Linux
added 2003/03/03 5:4 p.m.4 views

Critical: Red Hat Security Advisory: : Updated sendmail packages fix critical security issues

Updated Sendmail packages are available to fix a vulnerability that may allow remote attackers to gain root privileges by sending a carefully crafted message. These packages also fix a security bug if sendmail is configured to use smrsh. Sendmail is a widely used Mail Transport Agent MTA which is...

10CVSS6.3AI score0.72202EPSS
Exploits3References2
Rows per page
Query Builder