14 matches found
EUVD-2004-2512
Malware in sbrugna...
Design/Logic Flaw
The WP EXtra plugin for WordPress is vulnerable to unauthorized access to restricted functionality due to a missing capability check on the 'test-email' section of the register function in versions up to, and including, 6.2. This makes it possible for authenticated attackers, with minimal...
Axigen Security Vulnerability
Axigen is a mail server with groupware and collaboration features from Axigen. A security vulnerability exists in Axigen version 10.3.3.52, which stems from a two-step authentication issue that allows an attacker to access mailboxes without any CAPTCHA by bypassing the two-step authentication usi...
The vulnerability of the Dovecot mail server’s passdb account database allows a hacker to escalate their privileges.
The vulnerability of the Dovecot mail server’s passdb account database is related to configuration errors. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...
The vulnerability of Microsoft Exchange Server’s mail server, related to insufficient input validation, allows attackers to execute arbitrary code.
The vulnerability of Microsoft Exchange Server is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Dovecot mail server, caused by uncontrolled recursion, allows attackers to trigger a service failure.
The vulnerability of the Dovecot mail server arises due to an uncontrolled recursion. Exploiting this vulnerability allows a malicious actor, operating remotely, to cause service failures through a specially crafted email message...
Roehling Postsrsd Resource Management Error Vulnerability
Roehling Postsrsd is C-based software from the individual developer Roehling that provides reverse SRS functionality for mail servers. A security vulnerability in PostSRSd before 1.10, which originated in srs2.c, allows remote attackers to cause a denial of service (CPU consumption) via a...
Dovecot Resource Management Error Vulnerability
Dovecot is an open source IMAP and POP3 mail server for Linux/UNIX-like systems. Dovecot suffers from a resource management error vulnerability. The vulnerability originates from a network system or product that mismanages system resources (e.g., memory, disk space, files, etc.). An attacker...
Cyrus IMAP Denial of Service Vulnerability
Cyrus IMAP is a free, open source IMAP (Interactive Mail Access Protocol) mail server for Unix and Linux-based operating systems. A security vulnerability exists in the 'mboxlistdofind' function in the imap/mboxlist.c file in Cyrus IMAP versions prior to 3.0.4. A remote attacker...
1st Class Internet Solutions 1st Class Mail Server 4.0 - Remote Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9794/info 1st Class Mail Server has been reported prone to a remote buffer overflow vulnerability. The issue exists due to a lack of sufficient boundary checks performed on user-supplied data. A remote attacker may pass...
CVE-2006-0812
The CVE-2006-0812 vulnerability affects VisNetic AntiVirus Plug-in for MailServer (DKAVUpSch.exe) versions 4.6.0.4 and 4.6.1.1 (and possibly earlier than 4.6.1.2). The root cause is that the plug-in does not drop privileges before executing other programs, enabling a local attacker with access to...
FloosieTek FTGatePro 1.22 - Mail Server Cross-Site Scripting
source: https://www.securityfocus.com/bid/8528/info FloosieTek FTGatePro Mail Server is prone to a cross-site scripting vulnerability. A remote attacker could exploit this issue by enticing a legitimate user of the mail server to follow a malicious link with embedded HTML and script code. The...
FloosieTek FTGatePro 1.22 - Mail Server Full Path Disclosure
source: https://www.securityfocus.com/bid/8527/info FloosieTek FTGatePro Mail Server may disclose its installation path to remote attackers. This information could be useful when mounting further attacks against the system. This issue exists in the web administrative interface, which listens on...
CVE-1999-1012
SMTP component of Lotus Domino 4.6.1 on AS/400, and possibly other operating systems, allows a remote attacker to crash the mail server via a long string...