83 matches found
CVE-2006-0929
Directory traversal vulnerability in the IMAP server in ArGoSoft Mail Server Pro 1.8.8.1 allows remote authenticated users to create arbitrary folders via a .. dot dot in the RENAME command...
CVE-2006-0928
The CVE-2006-0928 issue affects ArGoSoft Mail Server Pro 1.8, where the POP3 server exposes a _DUMP command that unauthenticated remote users can use to disclose sensitive information (OS, registered user, and registration code). The NVD entry records a base score of 5.0 (Medium) with network acc...
CVE-2006-0929
CVE-2006-0929 affects the IMAP server of ArGoSoft Mail Server Pro 1.8.8.1. The issue is a directory traversal in the IMAP RENAME command where mailbox names are not filtered for "..", allowing an authenticated remote attacker to create/move folders arbitrarily on the affected system. The connecte...
CVE-2006-0930
Summary: CVE-2006-0930 describes a directory traversal vulnerability in Webmail of ArGoSoft Mail Server Pro 1.8. Affected component: Webmail/UIDL handling. Root cause: improper handling of the UIDL parameter allowing directory traversal via “..” sequences, enabling a remote authenticated user to ...
Secunia Research: ArGoSoft Mail Server Pro viewheaders Script Insertion
====================================================================== Secunia Research 27/02/2006 - ArGoSoft Mail Server Pro viewheaders Script Insertion - ====================================================================== Table of Contents Affected...
ArGoSoft Mail Server Pro Webmail viewheaders Multiple Field XSS
The remote host is running ArGoSoft Mail Server Pro, a messaging system for Windows. According to its banner, the webmail server bundled with the version of ArGoSoft Mail Server Pro installed on the remote host fails to properly filter message headers before displaying them as part of a message t...
NSAG-200-24.02.2006.txt
Advisory: NSAG-¹200-24.02.2006 Research: NSA Group Russian company on Audit of safety & Network security Site of Research: http://www.nsag.ru or http://www.nsag.org Product: ArGoSoft Mail Server Pro 1.8 IMAP Site of manufacturer: www.argosoft.com The status: 19/11/2005 - Publication is postponed...
NSA Group Security Advisory NSAG-№198-23.02.2006 Vulnerability ArGoSoft Mail Server Pro
Advisory: NSAG-№201-24.02.2006 Research: NSA Group Russian company on Audit of safety & Network security Site of Research: http://www.nsag.ru or http://www.nsag.org Product: ArGoSoft Mail Server Pro 1.8 POP Site of manufacturer: www.argosoft.com The status: 19/11/2005 - Publication is postponed...
KMiNT21.txt
Summary: Buffer overflow in KMiNT21 Software Golden FTP Server Pro v2.52 10.04.2005 http://www.goldenftpserver.com/ Details: Passing an overly long username parameter to the FTP server causes the EIP register to be overwritten after the USER/PASS login sequence is completed. Once this has been do...
CVE-2005-1485
Golden FTP Server Pro 2.52 is affected by an information-disclosure vulnerability: when a GET request targets a non-existent file, the FTP error response reveals the absolute path of the server. This is a server-side path disclosure issue that can aid an attacker in mapping the environment. The p...
Golden FTP Server Pro 2.52 - Remote Buffer Overflow (1)
/ Golden FTP Server Pro Remote Buffer Overflow Exploit Bug Discovered by Reed Arvin http://reedarvin.thearvins.com Exploit coded By ATmaCA Web: atmacasoft.com && spyinstructors.com E-Mail: [email protected] Credit to kozan and metasploit Usage:exploit / / Vulnerable Versions: Golden FTP Server P...
Golden FTP Server Pro 2.52 Remote Buffer Overflow Exploit (3rd)
No description provided by source. / \ golden ftp 2.52.0.0 remote r00t exploit / \ remote r00t exploit binds 4444 port on remote machine. / tested on: winxp sp0 rus \ / simple stack overflow in golden ftpd. \ if retaddr isn't right, ftpd will crash, and admin will be in big shit / 'coz ftpd won't...
Golden FTP Server Pro 2.52 Remote Buffer Overflow Exploit
Exploit for unknown platform in category remote exploits ========================================================= Golden FTP Server Pro 2.52 Remote Buffer Overflow Exploit ========================================================= / Golden FTP Server Pro Remote Buffer Overflow Exploit Bug...
Golden FTP Server Pro 2.52 Remote Buffer Overflow Exploit (2nd)
No description provided by source. / Golden FTP Server Pro remote stack BOF exploit author : c0d3r "kaveh razavi" [email protected] [email protected] risk : highly critical vender status : no patch released , all targets are vuln package : golden-ftp-server-pro 2.5.0.0 and prior advisory :...
Golden FTP Server Pro 2.52 - Remote Buffer Overflow (1)
Golden FTP Server Pro 2.52 - Remote Buffer Overflow 1 / Golden FTP Server Pro Remote Buffer Overflow Exploit Bug Discovered by Reed Arvin http://reedarvin.thearvins.com Exploit coded By ATmaCA Web: atmacasoft.com && spyinstructors.com E-Mail: [email protected] Credit to kozan and metasploit...
Buffer overflow in KMiNT21 Software Golden FTP Server Pro v2.52 (10.04.2005)
Summary: Buffer overflow in KMiNT21 Software Golden FTP Server Pro v2.52 10.04.2005 http://www.goldenftpserver.com/ Details: Passing an overly long username parameter to the FTP server causes the EIP register to be overwritten after the USER/PASS login sequence is completed. Once this has been do...
CVE-2005-1283
Summary : CVE-2005-1283 describes multiple directory traversal vulnerabilities in ArGoSoft Mail Server Pro 1.8.7.6. Remote authenticated users can read arbitrary files via the UIDL parameter to the msg script or copy/move the user’s .eml file to arbitrary locations via the delete script. This is ...
CVE-2005-1282
CVE-2005-1282 affects ArGoSoft Mail Server Pro 1.8.7.6, with multiple XSS vulnerabilities allowing remote injection via (1) IMG src, (2) webmail user settings, or (3) address book input. The connected sources confirm XSS exposure and affected component, but do not provide patch/version remediatio...
CVE-2005-0919
Adventia Chat 3.1 and Server Pro 3.0 allows remote attackers to inject arbitrary web script or HTML into the chat space, which leaves other users vulnerable to cross-site scripting XSS attacks...
CVE-2005-0919
Adventia Chat 3.1 and Server Pro 3.0 allows remote attackers to inject arbitrary web script or HTML into the chat space, which leaves other users vulnerable to cross-site scripting XSS attacks...