Lucene search
K

4947 matches found

exploitdb
exploitdb
added 2001/02/14 12:0 a.m.27 views

KICQ 1.0 - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/2443/info KICQ is an ICQ-compatible interactive messaging client for Unix. Versions of KICQ are vulnerable to remote execution of arbitrary commands embedded in URLs. A maliciously-composed URL containing shell metacharacters and shell commands can be sen...

7AI score
Exploits0
cve
cve
added 2001/01/22 5:0 a.m.57 views

CVE-2000-0961

CVE-2000-0961 affects Netscape Messaging Server 4.15 Patch 2 with a buffer overflow in the IMAP LIST handling. The vulnerability could allow an attacker to execute arbitrary commands, reported as affecting local users (per CVE description) and, per a Nessus plugin, authenticated users potentially...

10CVSS7.4AI score0.02386EPSS
Exploits0References3Affected Software2
cvelist
cvelist
added 2001/01/22 5:0 a.m.21 views

CVE-2000-0961

Buffer overflow in IMAP server in Netscape Messaging Server 4.15 Patch 2 allows local users to execute arbitrary commands via a long LIST command...

7.3AI score0.02386EPSS
Exploits0References3
cve
cve
added 2001/01/22 5:0 a.m.48 views

CVE-2000-0960

The vulnerability CVE-2000-0960 affects Netscape Messaging Server 4.15p1: the POP3 server exposes user enumeration by returning different error messages for incorrect usernames versus incorrect passwords, enabling an attacker to determine valid accounts and harvest email addresses. The connected ...

5CVSS6.6AI score0.01697EPSS
Exploits1References3Affected Software1
cvelist
cvelist
added 2001/01/22 5:0 a.m.28 views

CVE-2000-0960

The POP3 server in Netscape Messaging Server 4.15p1 generates different error messages for incorrect user names versus incorrect passwords, which allows remote attackers to determine valid users on the system and harvest email addresses for spam abuse...

6.6AI score0.01697EPSS
Exploits1References3
ptsecurity
ptsecurity
added 2001/01/09 12:0 a.m.7 views

PT-2001-1134 · Aol · Aol Instant Messenger

Name of the Vulnerable Software and Affected Versions: AOL Instant Messenger AIM versions prior to 4.3.2229 Description: The issue allows remote attackers to execute arbitrary commands via a "buddyicon" command with a long src argument. This is achieved by exploiting a buffer overflow in the...

7.5CVSS8.1AI score0.04683EPSS
Exploits1References7
securityvulns
securityvulns
added 2000/12/20 12:0 a.m.34 views

Дырка в Netscape Messaging Server

Классическое переполнение буфера в IMAP4-команде list...

1.3AI score
Exploits0References1Affected Software1
nvd
nvd
added 2000/12/19 5:0 a.m.19 views

CVE-2000-0960

The POP3 server in Netscape Messaging Server 4.15p1 generates different error messages for incorrect user names versus incorrect passwords, which allows remote attackers to determine valid users on the system and harvest email addresses for spam abuse...

5CVSS6.6AI score0.01697EPSS
Exploits1References3
nvd
nvd
added 2000/12/19 5:0 a.m.20 views

CVE-2000-0961

Buffer overflow in IMAP server in Netscape Messaging Server 4.15 Patch 2 allows local users to execute arbitrary commands via a long LIST command...

10CVSS7.3AI score0.02386EPSS
Exploits0References3
nessus
nessus
added 2000/12/19 12:0 a.m.30 views

Netscape Messaging Server IMAP LIST Command Remote Overflow

There is a buffer overflow in the remote imap server which allows an authenticated user to obtain a remote shell. A way to reproduce the overflow is to issue the command : list AAAAA...AAAA / %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc...

10CVSS5.9AI score0.02386EPSS
Exploits0References2
nvd
nvd
added 2000/10/20 4:0 a.m.9 views

CVE-2000-0772

The installation of Tumbleweed Messaging Management System MMS 4.6 and earlier formerly Worldtalk Worldsecure creates a default account "sa" with no password...

7.5CVSS6.6AI score0.01396EPSS
Exploits0References4
securityvulns
securityvulns
added 2000/10/13 12:0 a.m.43 views

Очередная проблема с Netscape Messaging Server

Имя и пароль пользователя проверяются отдельно, что дает возможность получения списка пользователей...

0.6AI score
Exploits0References1Affected Software2
securityvulns
securityvulns
added 2000/10/13 12:0 a.m.64 views

Netscape Messaging server 4.15 poor error strings

Hello, I have searched for anything regarding this problem, and haven't found anything so I apologize if this has already been covered. I am dealing with Netscape Messaging Server aka Iplanet Messaging server 4.15p1 mar 15 2000. The problem is that the POP3 server displays a different message for...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2000/09/28 12:0 a.m.33 views

Дырка в Netscape Messaging Server

Классическое переполнение буфера в IMAP-команде list...

1.3AI score
Exploits0References1Affected Software1
cvelist
cvelist
added 2000/09/21 4:0 a.m.16 views

CVE-2000-0772

The installation of Tumbleweed Messaging Management System MMS 4.6 and earlier formerly Worldtalk Worldsecure creates a default account "sa" with no password...

6.6AI score0.01396EPSS
Exploits0References4
securityvulns
securityvulns
added 2000/08/11 12:0 a.m.76 views

Tumbleweed Worldsecure (MMS) BLANK 'sa' account password vulnerability

I've recently discovered the following vulnerability: Product: Tumbleweed Messaging Management System MMS Formerly Worldtalk Worldsecure http://www.tumbleweed.com/solutions/products/mmsproducts Version: 4.3 - 4.5 all builds Description: Product uses Microsoft's MSDE Database engine which is a...

7.8AI score
Exploits0
packetstorm
packetstorm
added 2000/03/29 12:0 a.m.32 views

winmail305.txt

I found some vulnerabilities if windmail run as a CGI application.tested On WindowsNT 4.0, Windmail 3.05 successfully. WindMail is a 32-bit Windows console program by geocel that gives you command-line e-mail messaging capability. You can download an evaluation copy of WindMail 3.0 at:...

7.4AI score
Exploits0
cve
cve
added 2000/03/22 5:0 a.m.79 views

CVE-2000-0216

Affected software: Microsoft email clients (Outlook, Exchange, Windows Messaging). Vulnerability: servers/clients automatically respond to Read Receipt and Delivery Receipt tags. Root cause: auto-generated responses to receipt requests, enabling amplification by redirecting to a large distributio...

5CVSS6.8AI score0.05145EPSS
Exploits0References1Affected Software3
nvd
nvd
added 1999/10/29 4:0 a.m.15 views

CVE-1999-1532

Netscape Messaging Server 3.54, 3.55, and 3.6 allows a remote attacker to cause a denial of service memory exhaustion via a series of long RCPT TO commands...

5CVSS6.6AI score0.02459EPSS
Exploits1References2
exploitpack
exploitpack
added 1999/10/28 12:0 a.m.28 views

Netscape Messaging Server 3.63.543.55 - RCPT TO Denial of Service

Netscape Messaging Server 3.63.543.55 - RCPT TO Denial of Service // source: https://www.securityfocus.com/bid/748/info Netscape Messaging server will not de-allocate memory that is used to store the RCPT TO information for an incoming email. By sending enough long RCPT TO addresses, the system c...

0.2AI score
Exploits0
Rows per page
Query Builder