217 matches found
NetWin Surgemail 4.3e Cross Site Scripting
Application NetWin Surgemail 4.3e Vendor NetWin - http://netwinsite.com Discovered by Kerem Kocaer Problem ------- Cross-site scripting XSS vulnerability in the Surgemail webmail login page /surgemail allows remote attackers to inject arbitrary web script or HTML. Input passed to the "usernameex"...
CVE-2010-1068
The CVE-2010-1068 entry describes multiple cross-site scripting (XSS) vulnerabilities in SurgeFTP 2.3a6, specifically in surgeftpmgr.cgi. The issue enables remote attackers to inject arbitrary web script or HTML via the domainid or classid parameters in a class action. Connected sources identify ...
SurgeMail Detection Consolidation
Consolidation of SurgeMail detections. Copyright C 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute i...
CVE-2008-7182
Buffer overflow in the IMAP service in NetWin Surgemail 3.9e, and possibly other versions before 3.9g2, allows remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a long first argument to the APPEND command, a different vector than CVE-2008-1497 a...
Buffer overflow
Buffer overflow in the IMAP service in NetWin Surgemail 3.9e, and possibly other versions before 3.9g2, allows remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a long first argument to the APPEND command, a different vector than CVE-2008-1497 a...
CVE-2008-7182
SurgeMail IMAP Service APPEND command Buffer Overflow (CVE-2008-7182) affects NetWin Surgemail 3.9e and possibly earlier versions up to 3.9g2. Affected component is the IMAP service; root cause is a buffer overflow triggered by a long first argument to the APPEND command. Impact stated: remote au...
CVE-2008-7182
Buffer overflow in the IMAP service in NetWin Surgemail 3.9e, and possibly other versions before 3.9g2, allows remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a long first argument to the APPEND command, a different vector than CVE-2008-1497 a...
CVE-2008-5421
The SSL web administration service in NetWin SmsGate 1.1n and earlier allows remote attackers to cause a denial of service hang via 1 a large integer in the Content-Length HTTP header; 2 an invalid value in the Content-Length HTTP header, as demonstrated by a negative integer; or 3 a missing...
Hardcoded credentials
The SSL web administration service in NetWin SmsGate 1.1n and earlier allows remote attackers to cause a denial of service hang via 1 a large integer in the Content-Length HTTP header; 2 an invalid value in the Content-Length HTTP header, as demonstrated by a negative integer; or 3 a missing...
CVE-2008-5421
The SSL web administration service in NetWin SmsGate 1.1n and earlier allows remote attackers to cause a denial of service hang via 1 a large integer in the Content-Length HTTP header; 2 an invalid value in the Content-Length HTTP header, as demonstrated by a negative integer; or 3 a missing...
CVE-2008-5421
The CVE-2008-5421 issue affects NetWin SmsGate 1.1n and earlier, where the SSL web administration service can be remotely caused to hang (DoS) by HTTP Content-Length header values: (1) an excessively large integer, (2) an invalid value such as a negative integer, or (3) a missing Content-Length h...
[AJECT] SurgeMail IMAP 3.9e vulnerability
---------------------------------------- Synopsis ---------------------------------------- SurgeMail Mail Server 3.9e Windows and Unix-based versions is vulnerable to denial-of-service DoS attacks. The nature of the crash may indicate a buffer overflow problem, but the developers claimed otherwis...
CVE-2008-2859
Unspecified vulnerability in the IMAP service in NetWin SurgeMail before 3.9g2 allows remote attackers to cause a denial of service daemon crash via unknown vectors related to an "imap command."...
CVE-2008-2859
Unspecified vulnerability in the IMAP service in NetWin SurgeMail before 3.9g2 allows remote attackers to cause a denial of service daemon crash via unknown vectors related to an "imap command."...
CVE-2008-2859
NetWin SurgeMail IMAP service prior to 3.9g2 is affected by an unspecified vulnerability described as CVE-2008-2859 that allows remote attackers to cause a denial of service (daemon crash) via unknown vectors related to an “imap command.” The NVD entry lists this as a MEDIUM-severity issue (CVSSv...
Stack overflow
Stack-based buffer overflow in the IMAP service in NetWin Surgemail 3.8k4-4 and earlier allows remote authenticated users to execute arbitrary code via a long first argument to the LIST command...
CVE-2008-1497
Stack-based buffer overflow in the IMAP service in NetWin SurgeMail 38k4-4 and earlier allows remote authenticated users to execute arbitrary code via long arguments to the LSUB command...
CVE-2008-1498
Stack-based buffer overflow in the IMAP service in NetWin Surgemail 3.8k4-4 and earlier allows remote authenticated users to execute arbitrary code via a long first argument to the LIST command...
Stack overflow
Stack-based buffer overflow in the IMAP service in NetWin SurgeMail 38k4-4 and earlier allows remote authenticated users to execute arbitrary code via long arguments to the LSUB command...
CVE-2008-1498
Stack-based buffer overflow in the IMAP service in NetWin Surgemail 3.8k4-4 and earlier allows remote authenticated users to execute arbitrary code via a long first argument to the LIST command...