46 matches found
FreeBSD : jenkins -- multiple vulnerabilities (631c4710-9be5-4a80-9310-eb2847fe24dd)
Jenkins Security Advisory : DescriptionSECURITY-412 through SECURITY-420 / CVE-2017-1000356 CSRF: Multiple vulnerabilities SECURITY-429 / CVE-2017-1000353 CLI: Unauthenticated remote code execution SECURITY-466 / CVE-2017-1000354 CLI: Login command allowed impersonating any Jenkins user...
Smoke Loader LFI / File Deletion
Two other vulnerabilities I forgot to mention, lfi and file deletion via control.php. The user must be logged into the administrative panel. 1. LFI GET http://evilserver.net/control.php?act=dwnshell&file=../../../../etc/passwd Enter username for Who are you? at evilsite.net:80:eviladmin Password:...
hMailServer IMAP Remote DoS Vulnerability
hMailServer is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MailEnable IMAPD (2.35) Login Request Buffer Overflow
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'MailEnable...
util security update
CentOS Errata and Security Advisory CESA-2009:0981 An updated util-linux package that fixes one security issue and several bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The util-linux package contains a collection of basic...
Mercur Mailserver/Messaging version <= 5.0 IMAP Overflow Vulnerability
The Mercur IMAP4 Service is running on the remote host. Description : A version of Mercur Mailserver or Messaging Server is installed on the remote host. It is a complete messaging solution including common functions like 'smtp/pop3/imap4-server'. The Mercur IMAP4 Service is vulnerable to buffer...
eXtremail <= 2.1.1 (LOGIN) Remote Stack Overflow Exploit
No description provided by source. / extremail-v4.c Copyright c 2006 by [email protected] eXtremail =2.1.1 remote root exploit x86-lnx by mu-b - Sun Oct 08 2006 - Tested on: eXtremail 2.1.1 lnx Overflow in LOGIN command of admin interface. ...
Stack overflow
Stack-based buffer overflow in Mercury/32 aka Mercury Mail Transport System 4.01b and earlier allows remote attackers to execute arbitrary code via a long LOGIN command. NOTE: this might be the same issue as CVE-2006-5961...
CVE-2007-1373
Stack-based buffer overflow in Mercury/32 aka Mercury Mail Transport System 4.01b and earlier allows remote attackers to execute arbitrary code via a long LOGIN command. NOTE: this might be the same issue as CVE-2006-5961...
Mercury/32 IMAP server buffer overflow
Buffer overflow in LOGIN command...
MERCUR Messaging IMAP LOGIN command buffer overflow
Added: 07/10/2006 CVE: CVE-2006-1255 BID: 17138 OSVDB: 23950 Background MERCUR Messaging 2005 is an e-mail server supporting the SMTP, POP3, and IMAP protocols for Windows platforms. Problem A buffer overflow vulnerability in the IMAP service when processing the LOGIN command allows remote...
MERCUR Messaging IMAP LOGIN command buffer overflow
Added: 07/10/2006 CVE: CVE-2006-1255 BID: 17138 OSVDB: 23950 Background MERCUR Messaging 2005 is an e-mail server supporting the SMTP, POP3, and IMAP protocols for Windows platforms. Problem A buffer overflow vulnerability in the IMAP service when processing the LOGIN command allows remote...
Mercur MailServer 5.0 SP3 - 'IMAP' Denial of Service
/ Exploit for : IMAP 5.0 SP3 DoS Exploit Advisory : http://secunia.com/advisories/19267/ Coder : Omnipresent Email : [email protected] Description : Tim Taylor has discovered a vulnerability in Mercur Messaging 2005, which can be exploited by malicious people and by malicious users to cause a...
Kerio MailServer IMAP mail server DoS
Crash on IMAP Login command like a001 LOGIN 4294967294...
[Full-disclosure] Kerio MailServer bugfun
Hi, It should be noted that ProtoVer Sample IMAP testsuite has been released with 3 unpublished bugs. Now it looks like that Kerio MailServer preauth bug has been fixed. Kerio MailServer 6.1.3 changelog: """ Version 6.1.3 Patch 1 - March 9, 2006 - Fixed possible crash when handling special crafte...
Command injection
Kerio MailServer before 6.1.3 Patch 1 allows remote attackers to cause a denial of service application crash via a crafted IMAP LOGIN command...
CVE-2006-1158
Kerio MailServer before 6.1.3 Patch 1 allows remote attackers to cause a denial of service application crash via a crafted IMAP LOGIN command...
CVE-2006-1158
Kerio MailServer before 6.1.3 Patch 1 allows remote attackers to cause a denial of service application crash via a crafted IMAP LOGIN command...
MDaemon imap server DoS
The remote host is running the MDaemon IMAP server. It is possible to crash the remote version of this softare sending a long argument to the 'LOGIN' command. This problem allows an attacker to make the remote service crash, thus preventing legitimate users from receiving e-mails. OpenVAS...
CVE-2005-1255
Multiple stack-based buffer overflows in the IMAP server in IMail 8.12 and 8.13 in Ipswitch Collaboration Suite ICS, and other versions before IMail Server 8.2 Hotfix 2, allow remote attackers to execute arbitrary code via a LOGIN command with 1 a long username argument or 2 a long username...