Debian DSA-732-1 : mailutils - several vulnerabilities

'infamous41md' discovered several vulnerabilities in the GNU mailutils package which contains utilities for handling mail. These problems can lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities. ...

CVE-2005-1522

The imap4d server for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows authenticated remote users to cause a denial of service CPU consumption via a large range value in the FETCH command...

DEBIAN-CVE-2005-1522

The imap4d server for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows authenticated remote users to cause a denial of service CPU consumption via a large range value in the FETCH command...

CVE-2005-1522

The imap4d server for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows authenticated remote users to cause a denial of service CPU consumption via a large range value in the FETCH command...

CVE-2005-1522

The imap4d server for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows authenticated remote users to cause a denial of service CPU consumption via a large range value in the FETCH command...

CVE-2005-1522

The imap4d server for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows authenticated remote users to cause a denial of service CPU consumption via a large range value in the FETCH command...

CVE-2005-0247

Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may allow attackers to execute arbitrary code via 1 a large number of variables in a SQL statement being handled by the readsqlconstruct function, 2 a large number of INTO variables in a SELECT statement being handled by the...

security flaw

Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may allow attackers to execute arbitrary code via 1 a large number of variables in a SQL statement being handled by the readsqlconstruct function, 2 a large number of INTO variables in a SELECT statement being handled by the...

security flaw

Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may allow attackers to execute arbitrary code via 1 a large number of variables in a SQL statement being handled by the readsqlconstruct function, 2 a large number of INTO variables in a SELECT statement being handled by the...

DEBIAN-CVE-2004-1013

The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as 1 "bodyp", 2 "binaryp", or 3 "binaryp" that cause an index increment error that leads to an out-of-bounds memory corruption...

CVE-2004-1013

The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as 1 "bodyp", 2 "binaryp", or 3 "binaryp" that cause an index increment error that leads to an out-of-bounds memory corruption...

CVE-2004-1013

CVE-2004-1013 affects Cyrus IMAP Server 2.2.x–2.2.8. The argument parser for FETCH can be exploited by remote authenticated users through commands such as body[p or binary[p, triggering an index increment error that causes out-of-bounds memory corruption and allows arbitrary code execution. The v...

CVE-2004-1053

CVE-2004-1053 is an integer overflow in FreeBSD's fetch(1) utility (affecting 4.1–5.3) that allows a remote attacker to execute arbitrary code by crafting HTTP headers in a response, triggering a buffer overflow. The issue is caused during HTTP header processing and can enable code execution on t...

[Full-Disclosure] FreeBSD Security Advisory FreeBSD-SA-04:16.fetch

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:16.fetch Security Advisory The FreeBSD Project Topic: Overflow error in fetch Category: core Module: fetch Announced: 2004-11-18 Credits: Colin Percival Affect...

FreeBSD : SA-04:16.fetch

The remote host is running a version of FreeBSD which contains a flaw in the 'fetch' utility. 'fetch' is a command-line tool used to retrieve data at a given URL. It is used among others by the FreeBSD port collection. There is an integer overflow condition in the processing of HTTP headers which...

FreeBSD-SA-04:16.fetch

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:16.fetch Security Advisory The FreeBSD Project Topic: Overflow error in fetch Category: core Module: fetch Announced: 2004-11-18 Credits: Colin Percival...

Cyrus IMAPd -- FETCH command out of bounds memory corruption

The argument parser of the fetch command suffers a bug very similiar to the partial command problem. Arguments like "bodyp", "binaryp" or "binaryp" will be wrongly detected and the bufferposition can point outside of the allocated buffer for the rest of the parsing process. When the parser trigge...

phpBB Fetch All < 2.0.12 Multiple Scripts SQL Injection

The remote host is running a version of phpBB FetchAll older than 2.0.12. It is reported that this version of phpBB Fetch All is susceptible to a SQL injection vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input before using it in a SQL query...

Cyrus IMSP Daemon 1.x - Remote Buffer Overflow

// source: https://www.securityfocus.com/bid/9227/info A problem has been identified in the Cyrus IMSP Daemon implementation when handling certain types of requests. Because of this, it may be possible for a remote attacker to gain unauthorized access to a system using the vulnerable software. /...

CVE-1999-0359

CVE-1999-0359 affects the ptylogin component in Unix systems. The connected records describe a denial-of-service risk (locking out modems, dialing out with the modem) and the potential for password exposure, but do not provide concrete technical details, affected versions, specific root cause, or...