56 matches found
FreeBSD : fetchmail -- potential crash in -v -v verbose mode (168190df-3e9a-11dd-87bc-000ea69a5213)
Matthias Andree reports : Gunter Nau reported fetchmail crashing on some messages; further debugging by Petr Uzel and Petr Cerny at Novell/SUSE Czech Republic dug up that this happened when fetchmail was trying to print, in -v -v verbose level, headers exceeding 2048 bytes. In this situation,...
CVE-2008-2711
fetchmail 6.3.8 and earlier, when running in -v -v aka verbose mode, allows remote attackers to cause a denial of service crash and persistent mail failure via a malformed mail message with long headers, which triggers an erroneous dereference when using vsnprintf to format log messages...
CVE-2008-2711
fetchmail 6.3.8 and earlier, when running in -v -v aka verbose mode, allows remote attackers to cause a denial of service crash and persistent mail failure via a malformed mail message with long headers, which triggers an erroneous dereference when using vsnprintf to format log messages...
CVE-2008-2711
fetchmail 6.3.8 and earlier, when running in -v -v aka verbose mode, allows remote attackers to cause a denial of service crash and persistent mail failure via a malformed mail message with long headers, which triggers an erroneous dereference when using vsnprintf to format log messages...
CVE-2008-2711
fetchmail 6.3.8 and earlier, when running in -v -v aka verbose mode, allows remote attackers to cause a denial of service crash and persistent mail failure via a malformed mail message with long headers, which triggers an erroneous dereference when using vsnprintf to format log messages...
CVE-2007-5399
Multiple heap-based buffer overflows in emlsr.dll in the EML reader in Autonomy formerly Verity KeyView 10.3.0.0, as used by IBM Lotus Notes, allow remote attackers to execute arbitrary code via a long 1 To, 2 Cc, 3 Bcc, 4 From, 5 Date, 6 Subject, 7 Priority, 8 Importance, or 9 X-MSMail-Priority...
Heap overflow
Multiple heap-based buffer overflows in emlsr.dll in the EML reader in Autonomy formerly Verity KeyView 10.3.0.0, as used by IBM Lotus Notes, allow remote attackers to execute arbitrary code via a long 1 To, 2 Cc, 3 Bcc, 4 From, 5 Date, 6 Subject, 7 Priority, 8 Importance, or 9 X-MSMail-Priority...
CVE-2006-6505
Multiple heap-based buffer overflows in Mozilla Thunderbird before 1.5.0.9 and SeaMonkey before 1.0.7 allow remote attackers to execute arbitrary code via 1 external message modies with long Content-Type headers or 2 long RFC2047-encoded MIME non-ASCII headers...
CVE-2005-3182
Buffer overflow in the HTTP management interface for GFI MailSecurity 8.1 allows remote attackers to execute arbitrary code via long headers such as 1 Host and 2 Accept in HTTP requests. NOTE: the vendor suggests that this issues is "in an underlying Microsoft technology" which, if true, could me...
Apache HTTPd Arbitrary Long HTTP Headers DoS (c version)
No description provided by source. include include include include include include include include include define A 0x41 define PORT 80 struct sockaddrin hrm; int connchar ip int sockfd; hrm.sinfamily = AFINET; hrm.sinport = htonsPORT; hrm.sinaddr.saddr = inetaddrip; bzero&hrm.sinzero,8;...
Apache HTTPd Arbitrary Long HTTP Headers DoS
Exploit for unknown platform in category dos / poc ============================================ Apache HTTPd Arbitrary Long HTTP Headers DoS ============================================ /usr/bin/perl exploit for apache apgetmimeheaderscore vuln adv is here: http://www.guninski.com/httpd1.html...
Apache 2.x APR Exploit Code
I had planned to write this tool in C for the sake of using native functionality like crypt3 to support digest authentication. I'd also planned to support intermediate proxies, but a determined user can implement this via various tunneling applications with minimal complications, and I don't need...
DEBIAN-CVE-2002-1174
Buffer overflows in Fetchmail 6.0.0 and earlier allow remote attackers to cause a denial of service crash or execute arbitrary code via 1 long headers that are not properly processed by the readheaders function, or 2 via long Received: headers, which are not properly parsed by the parsereceived...
CVE-2002-1174
Buffer overflows in Fetchmail 6.0.0 and earlier allow remote attackers to cause a denial of service crash or execute arbitrary code via 1 long headers that are not properly processed by the readheaders function, or 2 via long Received: headers, which are not properly parsed by the parsereceived...
CVE-1999-1334
Multiple buffer overflows in filter command in Elm 2.4 allows attackers to execute arbitrary commands via 1 long From: headers, 2 long Reply-To: headers, or 3 via a long -f filterfile command line argument...
CVE-1999-1334
Multiple buffer overflows in filter command in Elm 2.4 allows attackers to execute arbitrary commands via 1 long From: headers, 2 long Reply-To: headers, or 3 via a long -f filterfile command line argument...