18 matches found
EUVD-2003-0385
Malware in sbrugna...
EUVD-2005-0315
Malware in sbrugna...
EUVD-2005-0316
Malware in sbrugna...
Magic Winmail Server 4.0 (Build 1112) download.php Traversal Arbitrary File Access
No description provided by source. source: http://www.securityfocus.com/bid/12388/info Magic Winmail Server is reportedly affected by multiple vulnerabilities. There are two distinct directory traversal vulnerabilities in the Webmail interface allowing both arbitrary file downloads and uploads...
Magic Winmail Server 4.0 (Build 1112) upload.php Traversal Arbitrary File Upload
No description provided by source. source: http://www.securityfocus.com/bid/12388/info Magic Winmail Server is reportedly affected by multiple vulnerabilities. There are two distinct directory traversal vulnerabilities in the Webmail interface allowing both arbitrary file downloads and uploads...
CVE-2005-0314
Cross-site scripting XSS vulnerability in user.php in Magic Winmail Server 4.0 Build 1112 allows remote attackers to inject arbitrary web script or HTML via the personal information fields...
CVE-2005-0313
CVE-2005-0313 affects Magic Winmail Server 4.0 Build 1112. The vulnerability comprises multiple directory traversal weaknesses allowing remote attackers to upload files via upload.php and read arbitrary files via download.php, plus risk from authenticated IMAP commands (CREATE, EXAMINE, SELECT, D...
CVE-2005-0315
The CVE-2005-0315 entry concerns the FTP service in Magic Winmail Server 4.0 Build 1112, where the FTP PORT command does not verify that the command IP matches the FTP session user’s IP. This permits remote authenticated users to use the server as an intermediary for port scanning. The connected ...
CVE-2005-0314
Cross-site scripting XSS vulnerability in user.php in Magic Winmail Server 4.0 Build 1112 allows remote attackers to inject arbitrary web script or HTML via the personal information fields...
Magic Winmail Server 4.0 (Build 1112) - download.php Traversal Arbitrary File Access
Magic Winmail Server 4.0 Build 1112 - download.php Traversal Arbitrary File Access source: https://www.securityfocus.com/bid/12388/info Magic Winmail Server is reportedly affected by multiple vulnerabilities. There are two distinct directory traversal vulnerabilities in the Webmail interface...
Magic Winmail Server 4.0 (Build 1112) - upload.php Traversal Arbitrary File Upload
Magic Winmail Server 4.0 Build 1112 - upload.php Traversal Arbitrary File Upload source: https://www.securityfocus.com/bid/12388/info Magic Winmail Server is reportedly affected by multiple vulnerabilities. There are two distinct directory traversal vulnerabilities in the Webmail interface allowi...
Magic Winmail Server 4.0 (Build 1112) - 'download.php' Traversal Arbitrary File Access
source: https://www.securityfocus.com/bid/12388/info Magic Winmail Server is reportedly affected by multiple vulnerabilities. There are two distinct directory traversal vulnerabilities in the Webmail interface allowing both arbitrary file downloads and uploads. There is also a HTML injection...
CVE-2003-0391
Format string vulnerability in Magic WinMail Server 2.3, and possibly other 2.x versions, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via format string specifiers in the PASS command...
Winmail Mail Server 2.3 Build 0402 - Remote Format String
Winmail Mail Server 2.3 Build 0402 - Remote Format String / Magic Winmail Server 2.3Build 0402 Remote Format string exploit. Coded by ThreaT. This one take advantage of a format bug in the SMTP protocol smtp port + The command to execute cannot exceed 90 characters + compile : cl.exe mwmxploit.c ...
Magic Winmail Server 2.3 USER POP3 - Command Format String
Magic Winmail Server 2.3 USER POP3 - Command Format String // source: https://www.securityfocus.com/bid/7667/info A format string vulnerability has been reported for Magic Winmail Server when processing the USER POP3 command. An attacker may exploit this vulnerability by connecting to the...
Magic Winmail Server format string bug
Format string bug during POP3 logging...
Magic Winmail Server v.2.*: format string
-----BEGIN PGP SIGNED MESSAGE----- Damage Hacking Group security advisory www.dhgroup.org Product: Magic Winmail Server Auth: AMAX Information Technologies Inc. www.magicwinmail.net Vulnerable versions: v.2. founded in 2.3 Vulnerability: format string...
Magic Winmail Server 2.3 USER POP3 - Command Format String
// source: https://www.securityfocus.com/bid/7667/info A format string vulnerability has been reported for Magic Winmail Server when processing the USER POP3 command. An attacker may exploit this vulnerability by connecting to the vulnerable mail server and issuing the USER command with malicious...