67 matches found
CVE-2007-6714
DBMail before 2.2.9, when using authldap with an LDAP server that supports anonymous login such as Active Directory, allows remote attackers to bypass authentication via an empty password, which causes the LDAP bind to indicate success based on anonymous authentication...
CVE-2007-6714
DBMail before 2.2.9, when using authldap with an LDAP server that supports anonymous login such as Active Directory, allows remote attackers to bypass authentication via an empty password, which causes the LDAP bind to indicate success based on anonymous authentication...
CVE-2007-6714
CVE-2007-6714 affects DBMail prior to 2.2.9 where authldap against LDAP servers that allow anonymous login (e.g., Active Directory) lets remote attackers bypass authentication with an empty password. This causes LDAP bind to succeed via anonymous authentication, enabling partial confidentiality/i...
CVE-2003-1523
SQL injection vulnerability in the IMAP daemon in dbmail 1.1 allows remote attackers to execute arbitrary SQL commands via the 1 login username, 2 mailbox name, and possibly other attack vectors...
CVE-2003-1523
The CVE-2003-1523 entry concerns the dbmail 1.1 IMAP daemon. The vulnerability is a SQL injection that allows remote attackers to execute arbitrary SQL commands via the login username and the mailbox name (and possibly additional vectors). The affected component is the IMAP daemon of dbmail 1.1, ...
FreeBSD : dbmail (1583)
The following package needs to be updated: dbmail %NASLMINLEVEL 70300 C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-2006 Jacques Vidrine and contributors Redistribution and use in source VuXML and 'compiled' forms SGML, HTML, PDF,...
CVE-2003-1523
SQL injection vulnerability in the IMAP daemon in dbmail 1.1 allows remote attackers to execute arbitrary SQL commands via the 1 login username, 2 mailbox name, and possibly other attack vectors...