Lucene search
K

659 matches found

FreeBSD
FreeBSD
added 2004/11/06 12:0 a.m.19 views

Cyrus IMAPd -- APPEND command uses undefined programming construct

To support MULTIAPPENDS the cmdappend handler uses the global stage array. This array is one of the things that gets destructed when the fatal function is triggered. When the Cyrus IMAP code adds new entries to this array this is done with the help of the postfix increment operator in combination...

0.9AI score
Exploits0References1
FreeBSD
FreeBSD
added 2004/11/06 12:0 a.m.37 views

Cyrus IMAPd -- PARTIAL command out of bounds memory corruption

Due to a bug within the argument parser of the partial command an argument like "bodyp" will be wrongly detected as "body.peek". Because of this the bufferposition gets increased by 10 instead of 5 and could therefore point outside the allocated memory buffer for the rest of the parsing process. ...

10CVSS6.7AI score0.05951EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2004/11/06 12:0 a.m.41 views

Cyrus IMAPd -- IMAPMAGICPLUS preauthentification overflow

When the option imapmagicplus is activated on a server the PROXY and LOGIN commands suffer a standard stack overflow, because the username is not checked against a maximum length when it is copied into a temporary stack buffer. This bug is especially dangerous because it can be triggered before a...

10CVSS6.5AI score0.05843EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/08/30 12:0 a.m.18 views

GLSA-200408-19 : courier-imap: Remote Format String Vulnerability

The remote host is affected by the vulnerability described in GLSA-200408-19 courier-imap: Remote Format String Vulnerability There is a format string vulnerability in the authdebug function which can be exploited remotely, potentially leading to arbitrary code execution as the user running the...

7.5CVSS6.3AI score0.10906EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.12 views

UoW imapd (UW-IMAP) AUTHENTICATE Command Remote Overflow

Binary data 1101.prm...

10CVSS7.3AI score0.18272EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.20 views

UoW imapd (UW-IMAP) BODY Request Remote Overflow

Binary data 1088.prm...

7.5CVSS7.3AI score0.19354EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.18 views

UoW imapd (UW-IMAP) v12 Multiple Command Remote Overflows

Binary data 1087.prm...

7.5CVSS7.3AI score0.69476EPSS
Exploits5References5
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.15 views

UoW imapd (UW-IMAP) v12.264 or v10.24 Multiple Command Remote Overflows.

Binary data 1093.prm...

7.5CVSS7.3AI score0.69476EPSS
Exploits5References1
Tenable Nessus
Tenable Nessus
added 2004/07/25 12:0 a.m.16 views

SUSE-SA:2002:048: cyrus-imapd

The remote host is missing the patch for the advisory SUSE-SA:2002:048 cyrus-imapd. The cyrus imapd contains a buffer overflow which could be exploited by remote attackers prior to logging in. Attackers could generate oversized error messages and overflow buffers inside imapd. Additionally to thi...

5.9AI score
Exploits0
NVD
NVD
added 2003/12/31 5:0 a.m.17 views

CVE-2003-1322

Multiple stack-based buffer overflows in Atrium MERCUR IMAPD in MERCUR Mailserver before 4.2.15.0 allow remote attackers to execute arbitrary code via a long 1 EXAMINE, 2 DELETE, 3 SUBSCRIBE, 4 RENAME, 5 UNSUBSCRIBE, 6 LIST, 7 LSUB, 8 STATUS, 9 LOGIN, 10 CREATE, or 11 SELECT command...

10CVSS7.8AI score0.05738EPSS
Exploits0References3
exploitpack
exploitpack
added 2002/12/02 12:0 a.m.9 views

Cyrus IMAPD 1.41.5.192.0.122.0.162.1.92.1.10 - Pre-Login Heap Corruption

Cyrus IMAPD 1.41.5.192.0.122.0.162.1.92.1.10 - Pre-Login Heap Corruption source: https://www.securityfocus.com/bid/6298/info Cyrus IMAPD is a freely available, open source Interactive Mail Access Protocol IMAP daemon. It is available for Unix and Linux operating systems. It has been reported that...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2002/12/02 12:0 a.m.26 views

Cyrus IMAPD 1.4/1.5.19/2.0.12/2.0.16/2.1.9/2.1.10 - Pre-Login Heap Corruption

source: https://www.securityfocus.com/bid/6298/info Cyrus IMAPD is a freely available, open source Interactive Mail Access Protocol IMAP daemon. It is available for Unix and Linux operating systems. It has been reported that Cyrus IMAPD does not sufficiently handle overly long strings. In some...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/08/01 12:0 a.m.23 views

UoW IMAPd Server 10.23412.264 - Remote Buffer Overflow

UoW IMAPd Server 10.23412.264 - Remote Buffer Overflow // source: https://www.securityfocus.com/bid/1110/info A buffer overflow exists in imapd. The vulnerability exists in the list command. By supplying a long, well-crafted string as the second argument to the list command, it becomes possible t...

0.8AI score
Exploits0
Exploit DB
Exploit DB
added 2002/08/01 12:0 a.m.27 views

UoW IMAPd Server 10.234/12.264 - Remote Buffer Overflow

// source: https://www.securityfocus.com/bid/1110/info A buffer overflow exists in imapd. The vulnerability exists in the list command. By supplying a long, well-crafted string as the second argument to the list command, it becomes possible to execute code on the machine. Executing the list comma...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/05/10 12:0 a.m.13 views

WU-IMAPd 20002001 - Partial Mailbox Attribute Remote Buffer Overflow (2)

WU-IMAPd 20002001 - Partial Mailbox Attribute Remote Buffer Overflow 2 // source: https://www.securityfocus.com/bid/4713/info Wu-imapd is vulnerable to a buffer overflow condition. This has been reported to occur when a valid user requests partial mailbox attributes. Exploitation may result in th...

0.7AI score
Exploits0
Exploit DB
Exploit DB
added 2002/05/10 12:0 a.m.29 views

WU-IMAPd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (2)

// source: https://www.securityfocus.com/bid/4713/info Wu-imapd is vulnerable to a buffer overflow condition. This has been reported to occur when a valid user requests partial mailbox attributes. Exploitation may result in the execution of arbitrary code as the server process. An attacker may al...

7.4AI score
Exploits0
NVD
NVD
added 2001/09/20 4:0 a.m.12 views

CVE-2001-0691

Buffer overflows in Washington University imapd 2000a through 2000c could allow local users without shell access to execute code as themselves in certain configurations...

4.6CVSS6.8AI score0.00497EPSS
Exploits0References4
CVE
CVE
added 2001/09/12 4:0 a.m.42 views

CVE-1999-1445

Vulnerability details available for CVE-1999-1445: affected software includes imapd and ipop3d running on Slackware 3.4 and 3.3 with shadowing enabled (and possibly other OSes). The issue allows remote attackers to trigger a core dump by sending a short sequence of USER and PASS commands that do ...

5CVSS7.7AI score0.01335EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2001/08/29 4:0 a.m.16 views

CVE-2001-0691

Buffer overflows in Washington University imapd 2000a through 2000c could allow local users without shell access to execute code as themselves in certain configurations...

6.8AI score0.00497EPSS
Exploits0References4
CVE
CVE
added 2001/08/29 4:0 a.m.57 views

CVE-2001-0691

UW-IMAP imapd (Washington University) v2000a–2000c contains buffer overflows that could allow a local user, after authentication, to execute code with that user’s privileges in certain configurations. Mandrake MDKSA-2001:054 notes these vulnerabilities and that updates are provided, but the exact...

4.6CVSS6.8AI score0.00497EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder