Lucene search
K

77 matches found

Drupal
Drupal
added 2014/10/15 12:0 a.m.25 views

SA-CONTRIB-2014-099 - Open Atrium Core - Access bypass

The oacore module contains the base access control mechanism for the Open Atrium distribution OA2. In OA2, file attachments are given the same access permission as the node they are attached to. The vulnerability is when an attachment is removed from a node that has Revisions enabled. It allows...

5CVSS6.4AI score0.01209EPSS
Exploits0References9
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Atrium Software Mercur WebView WebMail-Client 1.0 - Buffer Overflow

No description provided by source. source: http://www.securityfocus.com/bid/1056/info WebView WebMail-Client is an add-on for the Mercur SMTP/POP3/IMAP4 Mail Server which allows a user to access email through a web browser. Insufficient boundary checking exists in the code which handles GET...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Atrium Software Mercur Mailserver 3.3/4.0/4.2 IMAP AUTH Remote Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8861/info A problem has been reported in MERCUR Mailserver when handling the IMAP AUTH command. The issue occurs when an overly long command is submitted, which may be due to a buffer overrun. This problem may make it...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.10 views

Atrium Software Mercur Mail Server 3.2 - Multiple Buffer Overflows (2)

No description provided by source. source: http://www.securityfocus.com/bid/1051/info Atrium Software Mercur is a SMTP, POP3, and IMAP mail server. Insufficient boundary checking exists in the code that handles within the SMTP mail from command, the POP3 user command and the IMAP login command. T...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

Atrium Software Mercur Mail Server 3.2 - Multiple Buffer Overflows (1)

No description provided by source. source: http://www.securityfocus.com/bid/1051/info Atrium Software Mercur is a SMTP, POP3, and IMAP mail server. Insufficient boundary checking exists in the code that handles within the SMTP mail from command, the POP3 user command and the IMAP login command. T...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.27 views

Mercur Messaging 2005 IMAP Login Buffer Overflow

No description provided by source. $Id: mercurlogin.rb 10150 2010-08-25 20:55:37Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2010/08/25 12:0 a.m.43 views

Mercur Messaging 2005 - IMAP Login Buffer Overflow (Metasploit)

$Id: mercurlogin.rb 10150 2010-08-25 20:55:37Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

10CVSS7AI score0.68147EPSS
Exploits12
Check Point Advisories
Check Point Advisories
added 2010/06/06 12:0 a.m.15 views

Atrium Software MERCUR IMAPD NTLMSSP Command Handling Memory Corruption (CVE-2007-1578)

The Internet Message Access Protocol IMAP specifies a method for the access and manipulation of electronic mail. The protocol permits the manipulation of mailboxes on a remote server and allows a remote client, among other operations, to create, delete, or rename mailboxes on the server side. The...

10CVSS7.7AI score0.16309EPSS
Exploits5
Packet Storm
Packet Storm
added 2009/11/26 12:0 a.m.49 views

Mercur Messaging 2005 IMAP Login Buffer Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Mercur...

10CVSS0.4AI score0.68147EPSS
Exploits12
Check Point Advisories
Check Point Advisories
added 2007/04/26 12:0 a.m.15 views

Preemptive Protection against Atrium MERCUR IMAP SUBSCRIBE Buffer Overflow Vulnerability

A buffer overflow vulnerability exists in Atrium MERCUR Messaging Server. Atrium MERCUR Messaging Server is a mail application for Windows. The flaw is in the Atrium MERCUR IMAP service. Internet Message Access Protocol IMAP is a standard protocol for accessing e-mail from a local server that...

10CVSS7.2AI score0.56209EPSS
Exploits5
seebug.org
seebug.org
added 2007/03/24 12:0 a.m.12 views

Atrium Mercur IMapD NTLM缓冲区溢出漏洞

Atrium Mercur IMapD是一款Imap协议实现的IMAPD守护程序。 Atrium Mercur IMapD处理NTLM验证存在缓冲区溢出,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 提交恶意的请求,可导致触发缓冲区溢出。攻击者可导致拒绝服务或者任意指令执行攻击。 Atrium Software Mercur IMAPD 1 SP4 目前没有解决方案提供: http://www.atrium-software.com/ !/usr/bin/perl mercur-v1.pl Mercur v5.00.14 win32 remote exploit by mu-b...

7AI score
Exploits0
seebug.org
seebug.org
added 2007/03/22 12:0 a.m.24 views

Atrium Mercur IMap Subscribe请求远程栈溢出漏洞

Mercur是Atrium Software推出的系列邮件服务器产品。 Mercur的NTLM认证机制实现上存在漏洞,远程攻击者可能利用此漏洞控制服务器或导致服务崩溃。 Mercur的IMAPD在实现NTLM的代码中盲目使用用户提供的长度数据作为memcpy调用的参数,远程攻击者可能利用此问题触发一个栈溢出,导致拒绝服务或执行任意指令。 Atrium Software Mercur v5.00.14 win32 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.atrium-software.com/...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2007/03/22 12:0 a.m.58 views

Atrium Mercur Mailserver IMAPD buffer overflow

Multiple buffer overflows in IMAP NTLM authentication implementation. Buffer overflow in SUBSCRIBE command...

10CVSS3.4AI score0.56209EPSS
Exploits10References1Affected Software1
Prion
Prion
added 2007/03/21 11:19 p.m.17 views

Stack overflow

Stack-based buffer overflow in Atrium MERCUR IMAPD allows remote attackers to have an unknown impact via a certain SUBSCRIBE command...

10CVSS7.6AI score0.56209EPSS
Exploits5References8Affected Software1
Prion
Prion
added 2007/03/21 11:19 p.m.18 views

Stack overflow

Multiple integer signedness errors in the NTLM implementation in Atrium MERCUR IMAPD mcrimap4.exe 5.00.14, with SP4, allow remote attackers to execute arbitrary code via a long NTLMSSP argument that triggers a stack-based buffer overflow...

10CVSS7.9AI score0.16309EPSS
Exploits5References9Affected Software1
NVD
NVD
added 2007/03/21 11:19 p.m.30 views

CVE-2007-1578

Multiple integer signedness errors in the NTLM implementation in Atrium MERCUR IMAPD mcrimap4.exe 5.00.14, with SP4, allow remote attackers to execute arbitrary code via a long NTLMSSP argument that triggers a stack-based buffer overflow...

10CVSS7.6AI score0.16309EPSS
Exploits5References9
NVD
NVD
added 2007/03/21 11:19 p.m.23 views

CVE-2007-1579

Stack-based buffer overflow in Atrium MERCUR IMAPD allows remote attackers to have an unknown impact via a certain SUBSCRIBE command...

10CVSS7AI score0.56209EPSS
Exploits5References8
Cvelist
Cvelist
added 2007/03/21 11:0 p.m.22 views

CVE-2007-1579

Stack-based buffer overflow in Atrium MERCUR IMAPD allows remote attackers to have an unknown impact via a certain SUBSCRIBE command...

7AI score0.56209EPSS
Exploits5References8
Cvelist
Cvelist
added 2007/03/21 11:0 p.m.19 views

CVE-2003-1322

Multiple stack-based buffer overflows in Atrium MERCUR IMAPD in MERCUR Mailserver before 4.2.15.0 allow remote attackers to execute arbitrary code via a long 1 EXAMINE, 2 DELETE, 3 SUBSCRIBE, 4 RENAME, 5 UNSUBSCRIBE, 6 LIST, 7 LSUB, 8 STATUS, 9 LOGIN, 10 CREATE, or 11 SELECT command...

7.8AI score0.05738EPSS
Exploits0References3
CVE
CVE
added 2007/03/21 11:0 p.m.48 views

CVE-2003-1322

CVE-2003-1322 concerns Atrium MERCUR IMAPD in MERCUR Mailserver up to version 4.2.15.0. The vulnerability is described as multiple stack-based buffer overflows in the IMAPD process that can be triggered by long commands, including: EXAMINE, DELETE, SUBSCRIBE, RENAME, UNSUBSCRIBE, LIST, LSUB, STAT...

10CVSS7.8AI score0.05738EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder