23 matches found
EUVD-2003-1408
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2024-28054
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Amavis before 2.12.3 and 2.13.x before 2.13.1, in part because of its use of MIME-tools, has an Interpretation Conflict relative to some mail user agents when...
ALPINE-CVE-2024-28054
Amavis before 2.12.3 and 2.13.x before 2.13.1, in part because of its use of MIME-tools, has an Interpretation Conflict relative to some mail user agents when there are multiple boundary parameters in a MIME email message. Consequently, there can be an incorrect check for banned files or malware...
SUSE CVE-2010-2761
The multipartinit function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks v...
HTTP Response Splitting
perl is vulnerable to HTTP response splitting. The vulnerability exists as it was found that the Perl CGI module used a hard-coded value for the MIME boundary string in multipart/x-mixed-replace content. A remote attacker could possibly use this flaw to conduct an HTTP response splitting attack v...
Denial Of Service (DoS)
commons-fileupload is vulnerable to denial of service attacks. The vulnerability can be triggered because the HTTP server does not properly filter the file upload requests which has the size of MIME boundary close to the size of the buffer in MultipartStream...
Pine 4.x Empty MIME Boundary Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5301/info Pine is an open source mail user agent distributed by the University of Washington. It is freely available for Unix, Linux, and Microsoft Operating Systems. When a mail is received by pine that contains MIME...
perl-CGI-Simple: - hardcoded MIME boundary value for multipart content, CVE-2010-4410 - CRLF injection allowing HTTP response splitting
CRLF injection vulnerability in the header function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline...
perl-CGI-Simple: - hardcoded MIME boundary value for multipart content, CVE-2010-4410 - CRLF injection allowing HTTP response splitting
The multipartinit function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks v...
Ubuntu 6.06 LTS / 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : perl vulnerabilities (USN-1129-1)
It was discovered that the Safe.pm Perl module incorrectly handled Safe::reval and Safe::rdo access restrictions. An attacker could use this flaw to bypass intended restrictions and possibly execute arbitrary code. CVE-2010-1168, CVE-2010-1447 It was discovered that the CGI.pm Perl module...
perl-CGI-Simple: - hardcoded MIME boundary value for multipart content, CVE-2010-4410 - CRLF injection allowing HTTP response splitting
CRLF injection vulnerability in the header function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline...
perl-CGI-Simple: - hardcoded MIME boundary value for multipart content, CVE-2010-4410 - CRLF injection allowing HTTP response splitting
The multipartinit function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks v...
Moderate: Red Hat Security Advisory: perl security and bug fix update
Updated perl packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
Ubuntu: Security Advisory (USN-1129-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Perl MIME Boundary 'multipart_init' Unspecified Security Vulnerability
Perl is prone to an unspecified security vulnerability because the MIME part of the 'multipartinit' is not random. OpenVAS Vulnerability Test $Id: gbperlcgi44892.nasl 5323 2017-02-17 08:49:23Z teissa $ Perl MIME Boundary 'multipartinit' Unspecified Security Vulnerability Authors: Michael Meyer...
IPSwitch IMail client buffer overflow
Buffer overflow on oversized MIME boundary...
CVE-2003-1418
CVE-2003-1418 affects Apache HTTP Server 1.3.22–1.3.27 on OpenBSD. The root cause is information disclosure via (1) ETag headers that reveal inode numbers and (2) multipart MIME boundaries that reveal child process IDs (PIDs). Practical impact is partial information disclosure that can aid reconn...
Asterisk malformed MIME boundary multiple buffer overflows and DoS
Multiple buffer overflows and crash on malformed MIME boundary if IMAP storage is used for Voicemail...
PHP imap_mail_compose buffer overflow
Buffer overflow on oversized MIME boundary...
[SA13556] Email Sanitizer Unspecified MIME Denial of Service Vulnerability
TITLE: Email Sanitizer Unspecified MIME Denial of Service Vulnerability SECUNIA ADVISORY ID: SA13556 VERIFY ADVISORY: http://secunia.com/advisories/13556/ CRITICAL: Less critical IMPACT: DoS WHERE: From remote SOFTWARE: Email Sanitizer 1.x http://secunia.com/product/4436/ DESCRIPTION: A...