31 matches found
Astra Linux – Vulnerability in exim4
Exim 4 before 4.94.2 has an improper neutralization of line delimiters. An authenticated remote SMTP client can insert newline characters into a spool file which indirectly leads to remote code execution as root via the AUTH= parameter in the MAIL FROM command...
ruby: SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM commands in Net::SMTP
A SMTP command injection flaw was found in the way Ruby's Net::SMTP module handled CRLF sequences in certain SMTP commands. An attacker could potentially use this flaw to inject SMTP commands in a SMTP session in order to facilitate phishing attacks or spam campaigns...
CVE-2019-25646
Tabs Mail Carrier 2.5.1 contains a buffer overflow vulnerability in the MAIL FROM SMTP command that allows remote attackers to execute arbitrary code by sending a crafted MAIL FROM parameter. Attackers can connect to the SMTP service on port 25 and send a malicious MAIL FROM command with an...
CVE-2019-25646 Tabs Mail Carrier 2.5.1 Buffer Overflow via MAIL FROM
Tabs Mail Carrier 2.5.1 contains a buffer overflow vulnerability in the MAIL FROM SMTP command that allows remote attackers to execute arbitrary code by sending a crafted MAIL FROM parameter. Attackers can connect to the SMTP service on port 25 and send a malicious MAIL FROM command with an...
CVE-2019-25646
Tabs Mail Carrier 2.5.1 contains a buffer overflow in the MAIL FROM SMTP command that allows remote code execution by sending a crafted MAIL FROM parameter. An attacker can connect to the SMTP service on port 25 and send an oversized MAIL FROM to overwrite the EIP and execute a bind shell payload...
Tabs Mail Carrier 缓冲区错误漏洞
Tabs Mail Carrier is an email server software for email sending and mailing list management developed by the Tabs company. Version 2.5.1 of Tabs Mail Carrier contains a buffer error vulnerability. This vulnerability stems from a buffer overflow in the MAIL FROM SMTP command, which could allow a...
PT-2026-27380
Tabs Mail Carrier 2.5.1 contains a buffer overflow vulnerability in the MAIL FROM SMTP command that allows remote attackers to execute arbitrary code by sending a crafted MAIL FROM parameter. Attackers can connect to the SMTP service on port 25 and send a malicious MAIL FROM command with an...
CVE-1999-0873
Buffer overflow in Skyfull mail server via MAIL FROM command...
EUVD-2020-28777
Malware in sbrugna...
EUVD-2000-0958
Malware in sbrugna...
EUVD-2002-1964
Malware in sbrugna...
EUVD-1999-0854
Malware in sbrugna...
SUSE CVE-2015-9096
Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring...
UBUNTU-CVE-2020-28022
Exim 4 before 4.94.2 has Improper Restriction of Write Operations within the Bounds of a Memory Buffer. This occurs when processing name=value pairs within MAIL FROM and RCPT TO commands...
UBUNTU-CVE-2020-28021
Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. An authenticated remote SMTP client can insert newline characters into a spool file which indirectly leads to remote code execution as root via AUTH= in a MAIL FROM command...
Exim 安全漏洞
Exim was developed at Cambridge University as a Message Transfer Agent MTA for Unix systems connected to the Internet. Exim has a security vulnerability. An attacker can exploit the vulnerability by authenticating a remote SMTP client to insert line breaks into a fake offline file via AUTH= in th...
CVE-2020-7845
Spamsniper 5.0 5.2.7 contain a stack-based buffer overflow vulnerability caused by improper boundary checks when parsing MAIL FROM command. It leads remote attacker to execute arbitrary code via crafted packet...
Rumble SMTP Server 'MAIL FROM' Command Denial of Service Vulnerability
The host is running Rumble SMTP Server and is prone to denial of service vulnerability. OpenVAS Vulnerability Test $Id: gbrumblesmtpsrvmailfromcmddosvuln.nasl 7019 2017-08-29 11:51:27Z teissa $ Rumble SMTP Server 'MAIL FROM' Command Denial of Service Vulnerability Authors: Veerendra G.G Copyright...
Rumble SMTP Server 'MAIL FROM' Command Denial of Service Vulnerability
Rumble SMTP Server is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Rumble Mail Server 'MAIL FROM'命令远程拒绝服务漏洞
BUGTRAQ ID: 47070 Rumble是以ANSI C编写的邮件服务器,对大多数服务和邮件扩展实现模块化管理。 Rumble邮件服务器在"MAIL FROM"命令的实现上存在远程拒绝服务漏洞,远程攻击者可利用此漏洞造成受影响应用程序崩溃,拒绝服务合法用户。 Humbedooh Rumble 0.25.2232 厂商补丁: Rumble ------ 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://rumbleserver.sourceforge.net/ import socket host = 'localhost...