Debian Security Advisory DSA 073-1 (imp)

The remote host is missing an update to imp announced via advisory DSA 073-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2001-1583

lpd daemon in.lpd in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. NOTE: this might be the same vulnerability as CVE-2000-1220...

Remote Command Exec (FireFox 2.0.0.5 et al)

By: Nate McFeters nate dot mcfeters -at- gmail Billy BK Rios billy dot rios -at- gmail Tested in FireFox 2.0.0.5 and 3.0a6, Netscape Navigator 9, and Mozilla browser. NOTE These examples were created for WinXP SP2 with no external mail programs installed outlook, notes…etc. If you have an externa...

Apple iPhone Mail Program Detection

Binary data 4135.prm...

[SECURITY] Fedora 7 Update: mutt-1.5.14-4.fc7

Mutt is a text-mode mail user agent. Mutt supports color, threading, arbitrary key remapping, and a lot of customization. You should install mutt if you have used it in the past and you prefer it, or if you are new to mail programs and have not decided which one you are going to use...

[SECURITY] Fedora Core 6 Update: mutt-1.4.2.3-1.fc6

Mutt is a text-mode mail user agent. Mutt supports color, threading, arbitrary key remapping, and a lot of customization. You should install mutt if you have used it in the past and you prefer it, or if you are new to mail programs and have not decided which one you are going to use...

[SA19465] NetBSD mail Insecure Record File Creation

TITLE: NetBSD mail Insecure Record File Creation SECUNIA ADVISORY ID: SA19465 VERIFY ADVISORY: http://secunia.com/advisories/19465/ CRITICAL: Less critical IMPACT: Exposure of sensitive information WHERE: Local system OPERATING SYSTEM: NetBSD 1.x http://secunia.com/product/255/ DESCRIPTION: A...

CVE-2005-1423

Directory traversal vulnerability in the mail program in 602LAN SUITE 2004.0.05.0413 allows remote attackers to cause a denial of service and determine the presence of arbitrary files via .. sequences in the A parameter...

CVE-2005-1423

CVE-2005-1423 affects Software602 602LAN SUITE; the mail component is vulnerable to directory traversal via .. sequences in the A parameter, enabling remote denial of service and potential file presence enumeration. Vulnerable in 2004.0.05.0413; fixed in 2004.0.05.0509 (or later). Upgrade to 2004...

Debian DSA-044-1 : mailx

The mail program a simple tool to read and send email as distributed with Debian GNU/Linux 2.2 has a buffer overflow in the input parsing code. Since mail is installed setgid mail by default this allowed local users to use it to gain access to mail group. Since the mail code was never written to ...

Debian DSA-229-1 : imp - SQL injection

Jouko Pynnonen discovered a problem with IMP, a web-based IMAP mail program. Using carefully crafted URLs a remote attacker is able to inject SQL code into SQL queries without proper user authentication. Even though results of SQL queries aren't directly readable from the screen, an attacker migh...

[SECURITY] [DSA 229-2] New IMP packages fix SQL injection and typo

-------------------------------------------------------------------------- Debian Security Advisory DSA 229-2 [email protected] http://www.debian.org/security/ Martin Schulze January 15th, 2003 http://www.debian.org/security/faq -...

CVE-2002-0043

sudo 1.6.0 through 1.6.3p7 does not properly clear the environment before calling the mail program, which could allow local users to gain root privileges by modifying environment variables and changing how the mail program is invoked...

CVE-2002-0043

sudo 1.6.0 through 1.6.3p7 does not properly clear the environment before calling the mail program, which could allow local users to gain root privileges by modifying environment variables and changing how the mail program is invoked...

SUIDPerl 5.00503 - Mail Shell Escape (2)

SUIDPerl 5.00503 - Mail Shell Escape 2 source: https://www.securityfocus.com/bid/1547/info The interaction between some security checks performed by suidperl, the setuid version of perl, and the /bin/mail program creates a scenario that allows local malicious users to execute commands with root...

CVE-1999-0341

Buffer overflow in the Linux mail program "deliver" allows local users to gain root access...

Solaris 7.0 /usr/bin/mail - '-m' Local Buffer Overflow

// source: https://www.securityfocus.com/bid/672/info A buffer overflow vulnerability in the '/usr/bin/mail' program's handling of the '-m' command line argument allows local users to obtain access to the 'mail' group. / Generic Solaris x86 exploit program by Brock Tellier For use against any x86...

promail.1.21.trojan.txt

Date: Fri, 19 Mar 1999 09:41:18 +0100 From: Aeon Labs To: [email protected] Subject: security/privacy news Perhaps this might be of interest to Your readers. ProMail v1.21, an advanced freeware mail program spread through several worldwide distribution networks SimTel.net, Shareware.co...

CVE-1999-0341

Buffer overflow in the Linux mail program "deliver" allows local users to gain root access...

IRIX 5.36.x - usrbinmail Local Buffer Overflow

IRIX 5.36.x - usrbinmail Local Buffer Overflow / source: https://www.securityfocus.com/bid/1542/info The mail1 program, also know as mailatt, is used to read or send email. A buffer overflow condition exists in code that handles the LOGNAME environment variable. This could be exploited to elevate...