Lucene search
K

4209 matches found

securityvulns
securityvulns
added 2000/12/07 12:0 a.m.21 views

Дырки в mailman webmail

Классические дырки perl CGI при работе с файлами...

0.5AI score
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2000/12/07 12:0 a.m.30 views

SRADV00005.txt

================================================= Secure Reality Pty Ltd. Security Advisory 5 SRADV00005 http://www.securereality.com.au ================================================= Title Remote command execution vulnerabilities in MailMan Webmail Released 6/11/2000 Vulnerable All 3.x versio...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2000/12/06 12:0 a.m.28 views

Endymion MailMan 3.0.x - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/2063/info A vulnerability exists in 3.x versions of Endymion MailMan Webmail prior to release 3.0.26. The widely-used Perl script provides a web-email interface. Affected versions make insecure use of the perl open function. Attackers can control the way...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2000/12/06 12:0 a.m.96 views

MailMan Webmail mmstdod.cgi Arbitrary Command Execution

The version of MailMan Webmail on the remote web server has an arbitrary command execution vulnerability. Input to the 'ALTERNATETEMPLATES' parameter of mmstdod.cgi is not properly sanitized. A remote attacker could exploit this to execute arbitrary commands on the system. %NASLMINLEVEL 70300 C...

10CVSS5.8AI score0.13461EPSS
Exploits1References2
securityvulns
securityvulns
added 2000/12/05 12:0 a.m.24 views

Дырка в WhoWhere Webmail (comm.lycos.com, angelfire.com, eudoramail.com)

Можно угадать имя файла с вложением на сервере...

1AI score
Exploits0References1
securityvulns
securityvulns
added 2000/12/05 12:0 a.m.110 views

PostACI Webmail Vulnerability

The PostACI webmail system contains a rather trival vulnerability. One can obtain the hostname, username and password variables for the MySQL server in addition to other setup information if PostACI is setup as described running out of the box by simplying going to the url:...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2000/11/30 12:0 a.m.35 views

Trlinux Postaci Webmail 1.1.3 - Password Disclosure

Trlinux Postaci Webmail 1.1.3 - Password Disclosure source: https://www.securityfocus.com/bid/2029/info Postaci Webmail is a database-driven web e-mail system. PostACI contains a vulnerability in its default configuration that may allow a remote attacker to gain access to the underlying database...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2000/11/30 12:0 a.m.39 views

Trlinux Postaci Webmail 1.1.3 - Password Disclosure

source: https://www.securityfocus.com/bid/2029/info Postaci Webmail is a database-driven web e-mail system. PostACI contains a vulnerability in its default configuration that may allow a remote attacker to gain access to the underlying database. Webmail stores database username and password...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/11/28 12:0 a.m.43 views

Дырка в TWIG webmail

Используя ошибку в проверке агрументов можно загрузить и выполнить собственный php3-скрипт...

0.4AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2000/11/28 12:0 a.m.73 views

Security problems with TWIG webmail system

Twig is a popular webmail system written in PHP, once called Muppet. Author: Christopher Heschong Homepage: http://twig.screwdriver.net Version: 2.5.1 latest Problem: The possibility of processing our own php file , can leed to arbitrary command execution on the server as the httpd user. Status:...

0.3AI score
Exploits0
Cvelist
Cvelist
added 2000/10/13 4:0 a.m.19 views

CVE-2000-0507

Imate Webmail Server 2.5 allows remote attackers to cause a denial of service via a long HELO command...

6.6AI score0.07277EPSS
Exploits0References3
Cvelist
Cvelist
added 2000/10/13 4:0 a.m.18 views

CVE-2000-0552

ICQwebmail client for ICQ 2000A creates a world readable temporary file during login and does not delete it, which allows local users to obtain sensitive information...

5.3AI score0.01116EPSS
Exploits1References3
CVE
CVE
added 2000/10/13 4:0 a.m.47 views

CVE-2000-0507

CVE-2000-0507 concerns Imate Webmail Server 2.5. A remote attacker can cause a denial of service by sending a HELO command with an extremely long argument, potentially crashing/shutting down the SMTP service (network exploit, no auth required; availability impact). The vulnerability stems from ha...

5CVSS6.6AI score0.07277EPSS
Exploits0References3Affected Software1
securityvulns
securityvulns
added 2000/09/13 12:0 a.m.34 views

(SRADV00003) Arbitrary file disclosure through IMP

================================================= Secure Reality Pty Ltd. Security Advisory 3 SRADV00003 http://www.securereality.com.au ================================================= Title Arbitrary file disclosure through IMP Released 12/09/2000 Vulnerable Most all? versions of IMP 2.2.1...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2000/09/11 12:0 a.m.23 views

horde.txt

Date: Fri, 8 Sep 2000 17:03:36 +0200 Sender: Bugtraq List From: "Winter, Christian" Subject: horde library bug - unchecked from-address To: [email protected] Hi, this bug we discovered recently. HORDE 1.2.0 $from-bug and how to exploit with IMP 2.2.0 Disclaimer: This is intended as a pape...

Exploits0
securityvulns
securityvulns
added 2000/09/08 12:0 a.m.53 views

horde library bug - unchecked from-address

Hi, this bug we discovered recently. HORDE 1.2.0 $from-bug and how to exploit with IMP 2.2.0 Disclaimer: This is intended as a paper for sysadmins who want to secure their systems. It is NOT a how to for scriptkiddies to run any attack on a IMP-using site. The authors of this text will not be hel...

Exploits0
securityvulns
securityvulns
added 2000/08/31 12:0 a.m.28 views

Web Application Security Survey

-Web Application Security Survey- Results show that Microsoft Hotmail, Excite, Altavista, E-Bay, Lycos Netscape WebMail, E-Trade, Infoseek/Go.com and their users are all currently vulnerable to web based attack. disclaimer The opinions, ideas and information expressed in the following text are my...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2000/06/08 12:0 a.m.28 views

DoS против WebMail

Переполнение буфера в SMTP-команде HELO. В CMail - переполнение буфера при длинном имени пользователя в веб-интерфейсе порт 8002...

Exploits0References2Affected Software2
NVD
NVD
added 2000/06/01 4:0 a.m.11 views

CVE-2000-0507

Imate Webmail Server 2.5 allows remote attackers to cause a denial of service via a long HELO command...

5CVSS6.6AI score0.07277EPSS
Exploits0References3
securityvulns
securityvulns
added 2000/06/01 12:0 a.m.79 views

DST2K0006: Denial of Service Possibility in Imate WebMail Server v2.5

========================================================================== ====== Delphis Consulting Plc ========================================================================== ====== Security Team Advisories 26/05/2000 [email protected] http://www.delphisplc.com/thinking/whitepapers...

0.1AI score
Exploits0
Rows per page
Query Builder