3 matches found
Integer overflow
Integer overflow in eXtremail 2.1.1 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long USER command containing "%s" sequences to the pop3 port 110/tcp, which are expanded to "%%s" before being used in the memmove function, possibly du...
CVE-2007-5467
Integer overflow in eXtremail 2.1.1 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long USER command containing "%s" sequences to the pop3 port 110/tcp, which are expanded to "%%s" before being used in the memmove function, possibly du...
CVE-2001-1078
CVE-2001-1078 affects eXtremail 1.1.9 and earlier. The vulnerability is a format-string issue in the flog function that can be exploited remotely to gain root privileges by supplying format specifiers through SMTP commands (HELO, EHLO, MAIL FROM, RCPT TO) and via POP3 commands after authenticatio...