Atrium Software Mercur MailServer 3.3/4.0/4.2 - IMAP AUTH Remote Buffer Overflow
source: https://www.securityfocus.com/bid/8861/info A problem has been reported in MERCUR Mailserver when handling the IMAP AUTH command. The issue occurs when an overly long command is submitted, which may be due to a...
Atrium Software Mercur MailServer 3.3/4.0/4.2 - IMAP AUTH Remote Buffer Overflow
source: https://www.securityfocus.com/bid/8861/info A problem has been reported in MERCUR Mailserver when handling the IMAP AUTH command. The issue occurs when an overly long command is submitted, which may be due to a buffer overrun. This problem may make it possible for an attacker to gain...
Another ZEUS Server web admin XSS!
Hi, another XSS, now on the ZEUS web admin interface. The tested software is Zeus 4.2r2 webadmin-4.2r2 on Linux x86 This is not the same issue as bid 6144 index.fcgi, now is on "vsdiag.cgi". Exploit is simple: http://target:9090/apps/web/vsdiag.cgi?server=YOURCODE I have read this post:...
CVE-2003-0040
SQL injection vulnerability in the PostgreSQL auth module for courier 0.40 and earlier allows remote attackers to execute SQL code via the user name...
[SECURITY] [DSA 247-1] New courier packages fix SQL injection
Debian Security Advisory DSA 247-1 [email protected] http://www.debian.org/security/ Martin Schulze January 30th, 2003 http://www.debian.org/security/faq -...
DSA-247 courier-ssl - missing input sanitizing
Bulletin has no description...
CVE-2002-0713
Buffer overflows in Squid before 2.4.STABLE6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code (1) via the MSNT auth helper (msntauth) when using denyusers or allowusers files, (2) via the gopher client, or (3) via the FTP server directory listing parser when...
Squid Security Update Advisory 2002:3
Squid Proxy Cache Security Update Advisory SQUID-2002:3 Advisory ID: SQUID-2002:3 Date: July 3, 2002 Summary: Squid-2.4.STABLE7 released to address a number of security related issues. Affected versions: Squid-2.x up to and including 2.4.STABLE6 http://www.squid-cache.org/Advisories/SQUID-20023.t...
CVE-2002-0332
Buffer overflows in xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allow remote attackers to execute arbitrary code via (1) a long DNS hostname that is determined using reverse DNS lookups, (2) a long AUTH string, or (3) certain data in the xtell request...
Format string bug in pam_ldap/squid_auth_ldap
Format string bug on syslog call...
CVE-2001-1343
CVE-2001-1343 affects WebStore 400/400CS 4.14 via ws_mail.cgi. The vulnerability allows remote authenticated WebStore administrators to execute arbitrary code by supplying shell metacharacters in the kill parameter. The CVSS metrics indicate network access with low attack complexity and no authen...
CVE-1999-1469
The vulnerability CVE-1999-1469 stems from a buffer overflow in the w3-auth CGI program within the miniSQL package. An attacker can remotely execute arbitrary commands by sending an HTTP request with a long URL or a long User-Agent header. The CVSS data indicates a network attack vector with low ...
CVE-1999-1469
Buffer overflow in w3-auth CGI program in miniSQL package allows remote attackers to execute arbitrary commands via an HTTP request with (1) a long URL, or (2) a long User-Agent MIME header...
Apache Auth Module SQL Injection
The 'modauthpgsqlsys' module is prior to 0.9.6. It is, therefore, affected by a SQL injection vulnerability that allows an attacker to bypass authentication. Script to check for Apache Authentication Modules SQL Insertion Vulnerability This script is copyright c 2001 Matt Moore modifications by r...
PT-2001-2561 · Phpbb · Phpbb
Name of the Vulnerable Software and Affected Versions: phpBB versions 1.4.0 and earlier Description: The issue allows remote authenticated users to execute arbitrary PHP code via an invalid language value. This prevents the variables $l statsblock in prefs.php or $l privnotify in auth.php from...
CVE-2001-0039
IPSwitch IMail 6.0.5 allows remote attackers to cause a denial of service using the SMTP AUTH command by sending a base64-encoded user password whose length is between 80 and 136 bytes...
CVE-2000-0990
cmd5checkpw 0.21 and earlier allows remote attackers to cause a denial of service via an "SMTP AUTH" command with an unknown username...