2 matches found
CVE-2008-2049
The POP3 server EPSTPOP3S.EXE 4.22 in E-Post Mail Server 4.10 allows remote attackers to obtain sensitive information via multiple crafted APOP commands for a known POP3 account, which displays the password in a POP3 error message...
CVE-2006-0447
Multiple buffer overflows in E-Post Mail Server 4.10 and SPA-PRO Mail @Solomon 4.00 allow remote attackers to execute arbitrary code via a long username to the 1 AUTH PLAIN or 2 AUTH LOGIN SMTP commands, which is not properly handled by a EPSTRS.EXE or b SPA-RS.EXE; 3 a long username in the APOP...