17 matches found
EUVD-2004-2512
Malware in sbrugna...
Moderate: Red Hat Security Advisory: Red Hat build of Keycloak 26.0.15 Images Update
New images are available for Red Hat build of Keycloak 26.0.15 and Red Hat build of Keycloak 26.0.15 Operator, running on OpenShift Container Platform. Red Hat build of Keycloak is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Ha...
Design/Logic Flaw
The WP EXtra plugin for WordPress is vulnerable to unauthorized access to restricted functionality due to a missing capability check on the 'test-email' section of the register function in versions up to, and including, 6.2. This makes it possible for authenticated attackers, with minimal...
Axigen Security Vulnerability
Axigen is a mail server with groupware and collaboration features from Axigen. A security vulnerability exists in Axigen version 10.3.3.52, which stems from a two-step authentication issue that allows an attacker to access mailboxes without any CAPTCHA by bypassing the two-step authentication usi...
Roehling Postsrsd Resource Management Error Vulnerability
Roehling Postsrsd is a C-based software from the individual developer Roehling that provides reverse SRS functionality for mail servers. A security vulnerability in PostSRSd before 1.10, which originated in srs2.c, allows remote attackers to cause a denial of service (CPU consumption) via a...
Dovecot Resource Management Error Vulnerability
Dovecot is an open source IMAP and POP3 mail server for Linux/UNIX-like systems. Dovecot suffers from a resource management error vulnerability. The vulnerability originates from a network system or product that mismanages system resources (e.g., memory, disk space, files, etc.). An attacker...
MailEnable Enterprise Premium Code Issue Vulnerability
MailEnable Enterprise Premium is a suite of POP3 and SMTP mail servers from MailEnable Australia. A code issue vulnerability exists in MailEnable Enterprise Premium version 10.23. The vulnerability arises from an improperly designed or implemented code development process for a network system or...
Cyrus IMAP Denial of Service Vulnerability
Cyrus IMAP is a free, open source IMAP (Interactive Mail Access Protocol) mail server for Unix and Linux-based operating systems. A security vulnerability exists in the 'mboxlist_do_find' function in the imap/mboxlist.c file in Cyrus IMAP versions prior to 3.0.4. A remote attacker...
Floosietek FTGate Mail Server 1.2 index.fts folder Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/10058/info It has been reported that FTGate is prone to multiple remote input validation vulnerabilities; a cross-site scripting issue and an HTML injection vulnerability. These issues are due to a failure of the...
1st Class Internet Solutions 1st Class Mail Server 4.0 - Remote Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9794/info 1st Class Mail Server has been reported prone to a remote buffer overflow vulnerability. The issue exists due to a lack of sufficient boundary checks performed on user-supplied data. A remote attacker may pass...
CVE-2006-0812
The CVE-2006-0812 vulnerability affects VisNetic AntiVirus Plug-in for MailServer (DKAVUpSch.exe) versions 4.6.0.4 and 4.6.1.1 (and possibly earlier than 4.6.1.2). The root cause is that the plug-in does not drop privileges before executing other programs, enabling a local attacker with access to...
000102advisory.txt
Hat-Squad Advisory: Remote buffer overflow in MailEnable IMAP service Product: MailEnable Mail Server Vendor Url: http://www.mailenable.com Version: MailEnable Professional Edition v1.52, MailEnable Enterprise Edition v1.01 Vulnerability: Remote buffer overflow in IMAP service Release Date: 26...
CVE-2004-1673
accountsettingsadd.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote attackers to create text files with arbitrary content via the accountid parameter...
FloosieTek FTGatePro 1.22 - Mail Server Full Path Disclosure
source: https://www.securityfocus.com/bid/8527/info FloosieTek FTGatePro Mail Server may disclose its installation path to remote attackers. This information could be useful when mounting further attacks against the system. This issue exists in the web administrative interface, which listens on...
FloosieTek FTGatePro 1.22 - Mail Server Cross-Site Scripting
source: https://www.securityfocus.com/bid/8528/info FloosieTek FTGatePro Mail Server is prone to a cross-site scripting vulnerability. A remote attacker could exploit this issue by enticing a legitimate user of the mail server to follow a malicious link with embedded HTML and script code. The...
CVE-1999-1012
SMTP component of Lotus Domino 4.6.1 on AS/400, and possibly other operating systems, allows a remote attacker to crash the mail server via a long string...
FreeBSD-SA-00:15.imap-uw
FreeBSD-SA-00:15 Security Advisory FreeBSD, Inc. Topic: imap-uw allows local users to deny service to any mailbox Category: ports Module: imap-uw Announced: 2000-04-24 Credits: Alex...