30 matches found
EUVD-2005-3806
Malware in sbrugna...
EUVD-2003-0385
Malware in sbrugna...
EUVD-2005-3689
Malware in sbrugna...
EUVD-2004-2563
Malware in sbrugna...
EUVD-2005-0316
Malware in sbrugna...
EUVD-2005-0315
Malware in sbrugna...
Magic Winmail Server 4.0 (Build 1112) download.php Traversal Arbitrary File Access
No description provided by source. source: http://www.securityfocus.com/bid/12388/info Magic Winmail Server is reportedly affected by multiple vulnerabilities. There are two distinct directory traversal vulnerabilities in the Webmail interface allowing both arbitrary file downloads and uploads...
Magic Winmail Server 4.0 (Build 1112) upload.php Traversal Arbitrary File Upload
No description provided by source. source: http://www.securityfocus.com/bid/12388/info Magic Winmail Server is reportedly affected by multiple vulnerabilities. There are two distinct directory traversal vulnerabilities in the Webmail interface allowing both arbitrary file downloads and uploads...
CVE-2005-3811
CVE-2005-3811 describes a directory traversal vulnerability in AMAX Magic Winmail Server 4.2 (build 0824) and earlier, exploitable remotely via the sid parameter in admin/main.php to overwrite arbitrary files using session information. Affected product: Winmail Server (AMAX) versions 4.2 and earl...
CVE-2004-2572
AMAX Magic Winmail Server 3.6 is affected. The vulnerability arises from improper processing of the $keyword variable in the netaddressbook.php form, causing ldap_search failures to reveal the local path via ldaplib.php error messages. This leads to information disclosure through invalid characte...
CVE-2005-3692
Cross-site scripting XSS vulnerability in AMAX Magic Winmail Server 4.2 build 0824 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 retid parameter in badlogin.php, 2 Content-Type headers in HTML mails, and 3 HTML mail attachments...
CVE-2005-3692
CVE-2005-3692 affects AMAX Magic Winmail Server 4.2 and earlier with a cross-site scripting (XSS) flaw. The vulnerability allows remote attackers to inject arbitrary web script or HTML via (1) the retid parameter in badlogin.php, (2) Content-Type headers in HTML mails, and (3) HTML mail attachmen...
CVE-2005-0315
The FTP service in Magic Winmail Server 4.0 Build 1112 does not verify that the IP address in a PORT command is the same as the IP address of the user of the FTP session, which allows remote authenticated users to use the server as an intermediary for port scanning...
CVE-2005-0314
Cross-site scripting XSS vulnerability in user.php in Magic Winmail Server 4.0 Build 1112 allows remote attackers to inject arbitrary web script or HTML via the personal information fields...
CVE-2005-0313
CVE-2005-0313 affects Magic Winmail Server 4.0 Build 1112. The vulnerability comprises multiple directory traversal weaknesses allowing remote attackers to upload files via upload.php and read arbitrary files via download.php, plus risk from authenticated IMAP commands (CREATE, EXAMINE, SELECT, D...
CVE-2005-0315
The CVE-2005-0315 entry concerns the FTP service in Magic Winmail Server 4.0 Build 1112, where the FTP PORT command does not verify that the command IP matches the FTP session user’s IP. This permits remote authenticated users to use the server as an intermediary for port scanning. The connected ...
CVE-2005-0314
The CVE-2005-0314 entry describes a Cross-site Scripting (XSS) vulnerability in the Magic Winmail Server 4.0 Build 1112, specifically in user.php, where remote attackers can inject arbitrary web script or HTML through personal information fields. The connected records corroborate the same vulnera...
[SIG^2 G-TEC] Magic Winmail Server v4.0 Multiple Vulnerabilities
SIG^2 Vulnerability Research Advisory Magic Winmail Server v4.0 Multiple Vulnerabilities by Tan Chew Keong Release Date: 27 Jan 2005 ADVISORY URL http://www.security.org.sg/vuln/magicwinmail40.html SUMMARY Magic Winmail Server http://www.magicwinmail.net/ is an enterprise class mail server softwa...
CVE-2005-0314
Cross-site scripting XSS vulnerability in user.php in Magic Winmail Server 4.0 Build 1112 allows remote attackers to inject arbitrary web script or HTML via the personal information fields...
Magic Winmail Server 4.0 (Build 1112) - download.php Traversal Arbitrary File Access
Magic Winmail Server 4.0 Build 1112 - download.php Traversal Arbitrary File Access source: https://www.securityfocus.com/bid/12388/info Magic Winmail Server is reportedly affected by multiple vulnerabilities. There are two distinct directory traversal vulnerabilities in the Webmail interface...