20 matches found
EUVD-2003-1314
Malware in sbrugna...
EUVD-2003-1313
Malware in sbrugna...
royalmailgroup.emincote.com XSS vulnerability
Vulnerable URL: http://royalmailgroup.emincote.com/event/webcast.php?eventid=971%27%22--!%3E%3CScript%20/K/%3EconfirmOPENBUGBOUNTY//%3C/Script%20/K/%3E%3C!--=flash Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:|...
BEdita CMS 3.5.0 Cross Site Request Forgery / Cross Site Scripting
BEdita CMS - XSS & CSRF Vulnerability in Version 3.5.0 ---------------------------------------------------------------- Product Information: Software: BEdita CMS Tested Version: 3.5.0, released 19.1.2015 Vulnerability Type: Cross-Site Scripting CWE-79 & Cross-Site Request Forgery, CSRF CWE-352...
Solaris 7.0 /usr/bin/mail -m Local Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/672/info A buffer overflow vulnerability in the '/usr/bin/mail' program's handling of the '-m' command line argument allows local users to obtain access to the 'mail' group. / Generic Solaris x86 exploit program by Brock...
Dovecot symbolic links vulnerability
It's possible to access files readable by mail group via symlinks if mailextragroups=mail is set...
Debian Security Advisory DSA 044-1 (mailx)
The remote host is missing an update to mailx announced via advisory DSA 044-1. OpenVAS Vulnerability Test $Id: deb0441.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 044-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
CVE-2003-1324
The CVE-2003-1324 issue concerns Elm ME+ 2.4, where a race condition in can_open when installed with setgid mail and on systems without POSIX saved ID support lets local users read/modify files with mail-group privileges. Affected component is the can_open function; root cause is a race condition...
Ubuntu 4.10 : emacs21 vulnerability (USN-76-1)
Max Vozeler discovered a format string vulnerability in the 'movemail' utility of Emacs. By sending specially crafted packets, a malicious POP3 server could cause a buffer overflow, which could have been exploited to execute arbitrary code with the privileges of the user and the 'mail' group sinc...
Evolution: Integer overflow in camel-lock-helper
Background Evolution is a GNOME groupware application similar to Microsoft Outlook. Description Max Vozeler discovered an integer overflow in the camel-lock-helper application, which is installed as setgid mail by default. Impact A local attacker could exploit this vulnerability to execute...
[Full-Disclosure] iDEFENSE Security Advisory 08.24.04: CDE Mailer argv[0] Format String Vulnerability
CDE Mailer argv[0] Format String Vulnerability iDEFENSE Security Advisory 08.24.04 www.idefense.com/application/poi/display?id=132&type=vulnerabilities August 24, 2004 I. BACKGROUND CDE Mailer (dtmail) is the mail user agent (MUA) for CDE, which is installed on Solaris 8 and 9 by default. It provides a...
CVE-2003-1324
Race condition in the can_open function in Elm ME+ 2.4, when installed setgid mail and the operating system lacks POSIX saved ID support, allows local users to read and modify certain files with the privileges of the mail group...
Moderate: Red Hat Security Advisory: shadow-utils security update
Updated shadow-utils packages are now available. These updated packages correct a bug that caused the useradd tool to create mail spools with incorrect permissions. The shadow-utils package includes programs for converting UNIX password files to the shadow password format, plus programs for...
SA2001-04 : Solaris dtmail Buffer Overflow Vulnerability
NSFOCUS Security Advisory (SA2001-04) Topic: Solaris dtmail Buffer Overflow Vulnerability Release Date: 2001-7-24 CVE CAN ID : CAN-2001-0548 BUGTRAQ ID : 3081 Affected system: ================ Sun Solaris 2.6 SPARC/x86 Sun Solaris 7 SPARC/x86 Not affected system: ==================== Sun Solaris 8...
Sun Solaris mailx contains buffer overflow via -F option
Overview A buffer overflow in the mailx program on Solaris systems can allow an intruder to execute code with the privileges of the mail group. Description A buffer overflow in the -F option of the mailx program on Solaris systems may allow an intruder to execute code with the privileges of the...
Buffer overflow in mailx
A buffer overflow in the handling of the -c parameter makes it possible to gain mail group privileges on systems where mail is installed sgid...
Another hole in qpopper 2.53
User input is used as a format string, which makes it possible to overflow a buffer and gain mail group privileges...
qpopper format string vulnerability
An authenticated user may trigger a format string vulnerability present in qpopper's UIDL code, resulting in arbitrary code execution with group ID 'mail' privileges...
Solaris 7.0 /usr/bin/mail - -m Local Buffer Overflow
Solaris 7.0 /usr/bin/mail - -m Local Buffer Overflow // source: https://www.securityfocus.com/bid/672/info A buffer overflow vulnerability in the '/usr/bin/mail' program's handling of the '-m' command line argument allows local users to obtain access to the 'mail' group. / Generic Solaris x86 exploi...
mailx 8.1.1-10 (BSDSlackware) - Local Buffer Overflow (2)
mailx 8.1.1-10 BSDSlackware - Local Buffer Overflow 2 / source: https://www.securityfocus.com/bid/1305/info Some Linux distributions ship with BSD mailx 8.1.1-10 On Slackware 7.x it can be found as /usr/bin/Mail. A vulnerability exists in the 'mail' program, part of the Berkeley mailx package. Th...