Lucene search
K

10 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:1 a.m.5 views

SUSE CVE-2020-7247

smtpmailaddr in smtpsession.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented" default configuration...

10CVSS9.6AI score0.98946EPSS
Exploits27References3
Veracode
Veracode
added 2021/05/31 6:1 p.m.22 views

Privilege Escalation

OpenDMARC is vulnerable to privilege escaltion. The vulnerability exists due to pypolicyd-spf allowing an attacker to bypass SPF and DMARC authentication in situations where the HELO field is inconsistent with the MAIL FROM field...

9.8CVSS3.7AI score0.02658EPSS
Exploits1References8Affected Software1
OSV
OSV
added 2020/04/27 2:15 p.m.28 views

CVE-2019-20790

OpenDMARC through 1.3.2 and 1.4.x, when used with pypolicyd-spf 2.0.2, allows attacks that bypass SPF and DMARC authentication in situations where the HELO field is inconsistent with the MAIL FROM field...

9.8CVSS7AI score
Exploits0References5
CNVD
CNVD
added 2020/02/03 12:0 a.m.2 views

OpenSMTPD Remote Command Execution Vulnerability

OpenSMTPD is a free server-side implementation of the SMTP protocol developed by the OpenBSD team, defined via RFC5321 and part of the OpenBSD project. A remote command execution vulnerability exists in OpenSMTPD. It allows remote attackers to execute arbitrary commands as root via a specially...

10CVSS8AI score0.98946EPSS
Exploits27References1
OSV
OSV
added 2020/01/29 4:15 p.m.2 views

ALPINE-CVE-2020-7247

smtpmailaddr in smtpsession.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented" default configuration...

9.8CVSS7.7AI score0.98946EPSS
Exploits27References1
Prion
Prion
added 2020/01/29 4:15 p.m.24 views

Input validation

smtpmailaddr in smtpsession.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented" default configuration...

10CVSS9.5AI score0.98946EPSS
Exploits27References14Affected Software4
CVE
CVE
added 2005/05/10 4:0 a.m.40 views

CVE-2004-1945

The CVE-2004-1945 issue affects the POP3 service of Kinesphere eXchange, where a buffer overflow in the MAIL FROM handling could allow remote attackers to execute arbitrary code. The vulnerability is triggered by a long MAIL FROM field, enabling potential remote code execution with no authenticat...

7.5CVSS8.3AI score0.06548EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2005/05/10 4:0 a.m.17 views

CVE-2004-1945

Buffer overflow in Kinesphere eXchange POP3 allows remote attackers to execute arbitrary code via a long MAIL FROM field...

7.9AI score0.06548EPSS
Exploits1References7
NVD
NVD
added 2004/04/20 4:0 a.m.8 views

CVE-2004-1945

Buffer overflow in Kinesphere eXchange POP3 allows remote attackers to execute arbitrary code via a long MAIL FROM field...

7.5CVSS7.9AI score0.06548EPSS
Exploits1References7
exploitpack
exploitpack
added 2000/10/23 12:0 a.m.11 views

Avirt Mail 4.04.2 - Mail From: Rcpt to: Denial of Service

Avirt Mail 4.04.2 - Mail From: Rcpt to: Denial of Service // source: https://www.securityfocus.com/bid/1825/info Due to insufficient bounds checking in the code that handles the fields 'MAIL FROM:' and 'RCPT TO:', it is possible to remotely crash Avirt Mail. Entering over 272 characters into the...

7.3AI score
Exploits0
Rows per page
Query Builder