3 matches found
EUVD-2002-1556
Malware in sbrugna...
Symantec Encryption Management Server Database Backup Command Line Injection and Email Header Inject
SUMMARY Symantec Encryption Management Server is susceptible to a shell command line injection when an authorized, but less privileged administrator, is submitting a request for a database backup. This could potentially result in the malicious administrator gaining privileged access on the server...
unsafe fgets() in sendmail's mail.local
Topic: unsafe fgets in sendmail's mail.local Description: There are 4 problems: 1. Possibility to insert LMTP commands into e-mail message 2. Possibility of deadlock between sendmail and mail.local 3. Possibility to corrupt user's mailbox 4. Possibility to change e-mail headers of the message in...