146 matches found
CVE-2005-1824
The sqlescapestring function in auth/sql.c for the mailutils SQL authentication module does not properly quote the "" backslash character, which is used as an escape character and makes the module vulnerable to SQL injection attacks...
CVE-2005-1824
The sqlescapestring function in auth/sql.c for the mailutils SQL authentication module does not properly quote the "" backslash character, which is used as an escape character and makes the module vulnerable to SQL injection attacks...
DEBIAN-CVE-2005-1824
The sqlescapestring function in auth/sql.c for the mailutils SQL authentication module does not properly quote the "" backslash character, which is used as an escape character and makes the module vulnerable to SQL injection attacks...
CVE-2005-1824
The sqlescapestring function in auth/sql.c for the mailutils SQL authentication module does not properly quote the "" backslash character, which is used as an escape character and makes the module vulnerable to SQL injection attacks...
GLSA-200505-20 : Mailutils: Multiple vulnerabilities in imap4d and mail
The remote host is affected by the vulnerability described in GLSA-200505-20 Mailutils: Multiple vulnerabilities in imap4d and mail infamous41d discovered several vulnerabilities in GNU Mailutils. imap4d does not correctly implement formatted printing of command tags CAN-2005-1523, fails to...
Mailutils: Multiple vulnerabilities in imap4d and mail
Background GNU Mailutils is a collection of mail-related utilities, including an IMAP4 server imap4d and a Mail User Agent mail. Description infamous41d discovered several vulnerabilities in GNU Mailutils. imap4d does not correctly implement formatted printing of command tags CAN-2005-1523, fails...
CVE-2005-1523
Format string vulnerability in imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via format string specifiers in the command tag for IMAP commands...
CVE-2005-1521
CVE-2005-1521 affects GNU Mailutils 0.5/0.6 and earlier than 0.6.90. The description identifies an integer overflow in the imap4d fetch_io function that can cause a heap-based buffer overflow, enabling a remote attacker to execute arbitrary code via a partial message request with a large END para...
CVE-2005-1523
Format string vulnerability in imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via format string specifiers in the command tag for IMAP commands...
CVE-2005-1520
According to the connected advisories, CVE-2005-1520 affects GNU mailutils 0.5 and 0.6 (and pre-0.6.90); it is caused by a buffer overflow in header_get_field_name() in header.c, enabling remote code execution via a crafted email. Remediation in provided documents points to updating to fixed pack...
CVE-2005-1521
Integer overflow in the fetchio function of the imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a partial message request with a large value in the END parameter, which leads to a heap-based buffer overflow...
CVE-2005-1520
Buffer overflow in the headergetfieldname function in header.c for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a crafted e-mail...
CVE-2005-1523
Format string vulnerability in imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via format string specifiers in the command tag for IMAP commands...
CVE-2005-1523
CVE-2005-1523 : GNU Mailutils imap4d has a format-string vulnerability in IMAP command tags that allows remote code execution. Affected: imap4d before 0.6.90 (and 0.5/0.6). Impact: arbitrary code execution with IMAP service privileges. Mitigation: upgrade to a version where the issue is fixed (pe...
CVE-2005-1520
Buffer overflow in the headergetfieldname function in header.c for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a crafted e-mail...
CVE-2005-1521
Integer overflow in the fetchio function of the imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a partial message request with a large value in the END parameter, which leads to a heap-based buffer overflow...
CVE-2005-1520
Buffer overflow in the headergetfieldname function in header.c for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a crafted e-mail...
DEBIAN-CVE-2005-1521
Integer overflow in the fetchio function of the imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a partial message request with a large value in the END parameter, which leads to a heap-based buffer overflow...
DEBIAN-CVE-2005-1520
Buffer overflow in the headergetfieldname function in header.c for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a crafted e-mail...
CVE-2005-1523
Format string vulnerability in imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via format string specifiers in the command tag for IMAP commands...