Lucene search
+L

36 matches found

nvd
nvd
added 2017/06/12 8:29 p.m.19 views

CVE-2015-9096

Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring...

6.1CVSS7.2AI score0.03675EPSS
Exploits1References6
cve
cve
added 2017/06/12 8:0 p.m.135 views

CVE-2015-9096

CVE-2015-9096 affects Net::SMTP in Ruby prior to 2.4.0, allowing SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM commands, demonstrated around a DATA substring. The vulnerability applies to Ruby’s Net::SMTP implementation and, per the initial description, is fixed in Ruby 2.4.0 ...

6.1CVSS6.8AI score0.03675EPSS
Exploits1References6Affected Software1
cvelist
cvelist
added 2017/06/12 8:0 p.m.26 views

CVE-2015-9096

Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring...

8AI score0.03675EPSS
Exploits1References6
ubuntucve
ubuntucve
added 2017/06/12 12:0 a.m.49 views

CVE-2015-9096

Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring...

6.1CVSS6.8AI score0.03675EPSS
Exploits1References4
osv
osv
added 2017/06/12 12:0 a.m.8 views

UBUNTU-CVE-2015-9096

Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring...

6.1CVSS6.8AI score0.03675EPSS
Exploits1References5
hackerone
hackerone
added 2016/05/10 7:39 p.m.53 views

Ruby: SMTP command injection

Net::SMTP is vulnerable to RCPT TO/MAIL FROM injection due to lack of input validation and conformance to the SMTP protocol. Publicly disclosed already: http://www.mbsd.jp/Whitepaper/smtpi.pdf People are wrongly assigning this to the mail gem http://rubysec.com/advisories/OSVDB-131677/ and thinki...

0.1AI score
Exploits0
rubygems
rubygems
added 2015/12/09 12:0 a.m.35 views

SMTP command injection

Net::SMTP is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring. Applications that validate email address format are not affected by this vulnerability. The injection attack is...

6.1CVSS6.9AI score0.03675EPSS
Exploits1References1Affected Software1
packetstorm
packetstorm
added 2013/04/29 12:0 a.m.16 views

Ipswitch IMail 11.01 Cross Site Scripting

!/usr/bin/perl Exploit Title: Ipswitch IMail 11.01 XSS Vulnerability Date: 26-04-2013 Author: DaOne aka Mocking Bird Vendor Homepage: http://www.ipswitch.com/ Platform: windows use Net::SMTP; ARGV Check if $ARGV != 2 print "\nUSAGE: IMail.pl \n"; exit; $host = $ARGV0; $attacker = $ARGV1; $victim ...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2013/04/29 12:0 a.m.14 views

Ipswitch IMail 11.01 - Cross-Site Scripting

Ipswitch IMail 11.01 - Cross-Site Scripting !/usr/bin/perl Exploit Title: Ipswitch IMail 11.01 XSS Vulnerability Date: 26-04-2013 Author: DaOne aka Mocking Bird Vendor Homepage: http://www.ipswitch.com/ Platform: windows use Net::SMTP; ARGV Check if $ARGV != 2 print "\nUSAGE: IMail.pl \n"; exit;...

6.8AI score
Exploits0
exploitdb
exploitdb
added 2013/04/29 12:0 a.m.23 views

Ipswitch IMail 11.01 - Cross-Site Scripting

!/usr/bin/perl Exploit Title: Ipswitch IMail 11.01 XSS Vulnerability Date: 26-04-2013 Author: DaOne aka Mocking Bird Vendor Homepage: http://www.ipswitch.com/ Platform: windows use Net::SMTP; ARGV Check if $ARGV != 2 print "\nUSAGE: IMail.pl \n"; exit; $host = $ARGV0; $attacker = $ARGV1; $victim ...

7.4AI score
Exploits0
zdt
zdt
added 2013/04/28 12:0 a.m.16 views

Ipswitch IMail 11.01 XSS Vulnerability

Exploit for windows platform in category remote exploits !/usr/bin/perl 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote,...

7.1AI score
Exploits0
packetstorm
packetstorm
added 2009/02/04 12:0 a.m.42 views

Novell GroupWise 8.0 RCPT Off-By-One Exploit

!usr/bin/perl -w QUICK AND DIRTY EXPLOIT Off-by-one error in the SMTP daemon in GroupWise Internet Agent GWIA in Novell GroupWise 6.5x, 7.0, 7.01, 7.02, 7.03, 7.03HP1a, and 8.0 allows remote attackers to execute arbitrary code via a long e-mail address in a malformed RCPT command, leading to a...

10CVSS0.09655EPSS
Exploits6
exploitdb
exploitdb
added 2009/02/04 12:0 a.m.46 views

Novell Groupwise 8.0 - 'RCPT' Off-by-One

!usr/bin/perl -w QUICK AND DIRTY EXPLOIT Off-by-one error in the SMTP daemon in GroupWise Internet Agent GWIA in Novell GroupWise 6.5x, 7.0, 7.01, 7.02, 7.03, 7.03HP1a, and 8.0 allows remote attackers to execute arbitrary code via a long e-mail address in a malformed RCPT command, leading to a...

10CVSS6.5AI score0.09655EPSS
Exploits6
zdt
zdt
added 2009/02/04 12:0 a.m.26 views

Novell GroupWise <= 8.0 Malformed RCPT command Off-by-one Exploit

Exploit for unknown platform in category dos / poc ================================================================= Novell GroupWise = 8.0 Malformed RCPT command Off-by-one Exploit ================================================================= !usr/bin/perl -w QUICK AND DIRTY EXPLOIT Off-by-o...

7AI score0.09655EPSS
Exploits6
exploitpack
exploitpack
added 2009/02/04 12:0 a.m.50 views

Novell Groupwise 8.0 - RCPT Off-by-One

Novell Groupwise 8.0 - RCPT Off-by-One !usr/bin/perl -w QUICK AND DIRTY EXPLOIT Off-by-one error in the SMTP daemon in GroupWise Internet Agent GWIA in Novell GroupWise 6.5x, 7.0, 7.01, 7.02, 7.03, 7.03HP1a, and 8.0 allows remote attackers to execute arbitrary code via a long e-mail address in a...

10CVSS6.5AI score0.09655EPSS
Exploits6
nessus
nessus
added 2008/12/22 12:0 a.m.37 views

Fedora 9 : git-1.5.6.6-1.fc9 (2008-11650)

This update fixes a local privilege escalation bug in gitweb. For details: http://article.gmane.org/gmane.comp.version-control.git/103624 Additionally, gitk has been added as a requirement of git-gui bug 476308 and perlNet::SMTP::SSL has been added as a requirement of git-send-email bug 443615...

4.6CVSS5.2AI score0.00458EPSS
Exploits0References4
Rows per page
Query Builder