4947 matches found
KICQ 1.0 - Arbitrary Command Execution
source: https://www.securityfocus.com/bid/2443/info KICQ is an ICQ-compatible interactive messaging client for Unix. Versions of KICQ are vulnerable to remote execution of arbitrary commands embedded in URLs. A maliciously-composed URL containing shell metacharacters and shell commands can be sen...
CVE-2000-0961
CVE-2000-0961 affects Netscape Messaging Server 4.15 Patch 2 with a buffer overflow in the IMAP LIST handling. The vulnerability could allow an attacker to execute arbitrary commands, reported as affecting local users (per CVE description) and, per a Nessus plugin, authenticated users potentially...
CVE-2000-0961
Buffer overflow in IMAP server in Netscape Messaging Server 4.15 Patch 2 allows local users to execute arbitrary commands via a long LIST command...
CVE-2000-0960
The vulnerability CVE-2000-0960 affects Netscape Messaging Server 4.15p1: the POP3 server exposes user enumeration by returning different error messages for incorrect usernames versus incorrect passwords, enabling an attacker to determine valid accounts and harvest email addresses. The connected ...
CVE-2000-0960
The POP3 server in Netscape Messaging Server 4.15p1 generates different error messages for incorrect user names versus incorrect passwords, which allows remote attackers to determine valid users on the system and harvest email addresses for spam abuse...
PT-2001-1134 · Aol · Aol Instant Messenger
Name of the Vulnerable Software and Affected Versions: AOL Instant Messenger AIM versions prior to 4.3.2229 Description: The issue allows remote attackers to execute arbitrary commands via a "buddyicon" command with a long src argument. This is achieved by exploiting a buffer overflow in the...
Дырка в Netscape Messaging Server
Классическое переполнение буфера в IMAP4-команде list...
CVE-2000-0960
The POP3 server in Netscape Messaging Server 4.15p1 generates different error messages for incorrect user names versus incorrect passwords, which allows remote attackers to determine valid users on the system and harvest email addresses for spam abuse...
CVE-2000-0961
Buffer overflow in IMAP server in Netscape Messaging Server 4.15 Patch 2 allows local users to execute arbitrary commands via a long LIST command...
Netscape Messaging Server IMAP LIST Command Remote Overflow
There is a buffer overflow in the remote imap server which allows an authenticated user to obtain a remote shell. A way to reproduce the overflow is to issue the command : list AAAAA...AAAA / %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc...
CVE-2000-0772
The installation of Tumbleweed Messaging Management System MMS 4.6 and earlier formerly Worldtalk Worldsecure creates a default account "sa" with no password...
Очередная проблема с Netscape Messaging Server
Имя и пароль пользователя проверяются отдельно, что дает возможность получения списка пользователей...
Netscape Messaging server 4.15 poor error strings
Hello, I have searched for anything regarding this problem, and haven't found anything so I apologize if this has already been covered. I am dealing with Netscape Messaging Server aka Iplanet Messaging server 4.15p1 mar 15 2000. The problem is that the POP3 server displays a different message for...
Дырка в Netscape Messaging Server
Классическое переполнение буфера в IMAP-команде list...
CVE-2000-0772
The installation of Tumbleweed Messaging Management System MMS 4.6 and earlier formerly Worldtalk Worldsecure creates a default account "sa" with no password...
Tumbleweed Worldsecure (MMS) BLANK 'sa' account password vulnerability
I've recently discovered the following vulnerability: Product: Tumbleweed Messaging Management System MMS Formerly Worldtalk Worldsecure http://www.tumbleweed.com/solutions/products/mmsproducts Version: 4.3 - 4.5 all builds Description: Product uses Microsoft's MSDE Database engine which is a...
winmail305.txt
I found some vulnerabilities if windmail run as a CGI application.tested On WindowsNT 4.0, Windmail 3.05 successfully. WindMail is a 32-bit Windows console program by geocel that gives you command-line e-mail messaging capability. You can download an evaluation copy of WindMail 3.0 at:...
CVE-2000-0216
Affected software: Microsoft email clients (Outlook, Exchange, Windows Messaging). Vulnerability: servers/clients automatically respond to Read Receipt and Delivery Receipt tags. Root cause: auto-generated responses to receipt requests, enabling amplification by redirecting to a large distributio...
CVE-1999-1532
Netscape Messaging Server 3.54, 3.55, and 3.6 allows a remote attacker to cause a denial of service memory exhaustion via a series of long RCPT TO commands...
Netscape Messaging Server 3.63.543.55 - RCPT TO Denial of Service
Netscape Messaging Server 3.63.543.55 - RCPT TO Denial of Service // source: https://www.securityfocus.com/bid/748/info Netscape Messaging server will not de-allocate memory that is used to store the RCPT TO information for an incoming email. By sending enough long RCPT TO addresses, the system c...