Winmail Server <= 4.2 Build 0824 Multiple Vulnerabilities

The remote host is running Winmail Server, a commercial mail server for Windows from AMAX Information Technologies. The web interface that is used by Winmail Server for reading mail and administering the server fails to sanitize user-supplied input to various parameters and scripts. Beyond the...

Hauri antivirus updates and antiviral databases content spoofing

Files integrity is not checked during update process...

CVE-2001-1125

Symantec LiveUpdate before 1.6 does not use cryptography to ensure the integrity of download files, which allows remote attackers to execute arbitrary code via DNS spoofing of the update.symantec.com site...

fcheck prior to 2.07.59 - vulnerability - improper use of perl &#39;magic open&#39;

VULNERABLE: Probably all versions prior to 2.07.59 - the author of fcheck can't be bothered to note security fixes in his change log, but most likely all prior versions had this vulnerability. Vulnerability: by placing a carefully crafted filename in a directory checked by vulnerable versions of...

fcheck.txt

The short explanation: fcheck is a file integrity checker written in perl. It can send warnings to syslog via an external program such as logger1. Because it calls system with a scalar argument, a malicious user can cause it to execute programs by creating files with shell metacharacters in their...