Lucene search
+L

217 matches found

Packet Storm
Packet Storm
added 2010/10/04 12:0 a.m.40 views

NetWin Surgemail 4.3e Cross Site Scripting

Application NetWin Surgemail 4.3e Vendor NetWin - http://netwinsite.com Discovered by Kerem Kocaer Problem ------- Cross-site scripting XSS vulnerability in the Surgemail webmail login page /surgemail allows remote attackers to inject arbitrary web script or HTML. Input passed to the "usernameex"...

4.3CVSS6.5AI score0.03092EPSS
Exploits2
CVE
CVE
added 2010/03/23 6:0 p.m.59 views

CVE-2010-1068

The CVE-2010-1068 entry describes multiple cross-site scripting (XSS) vulnerabilities in SurgeFTP 2.3a6, specifically in surgeftpmgr.cgi. The issue enables remote attackers to inject arbitrary web script or HTML via the domainid or classid parameters in a class action. Connected sources identify ...

4.3CVSS5.8AI score0.01075EPSS
Exploits1References4Affected Software1
OpenVAS
OpenVAS
added 2009/09/15 12:0 a.m.11 views

SurgeMail Detection Consolidation

Consolidation of SurgeMail detections. Copyright C 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute i...

7.1AI score
Exploits0References1
NVD
NVD
added 2009/09/08 10:30 a.m.15 views

CVE-2008-7182

Buffer overflow in the IMAP service in NetWin Surgemail 3.9e, and possibly other versions before 3.9g2, allows remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a long first argument to the APPEND command, a different vector than CVE-2008-1497 a...

4CVSS7.3AI score0.24277EPSS
Exploits1References4
Prion
Prion
added 2009/09/08 10:30 a.m.16 views

Buffer overflow

Buffer overflow in the IMAP service in NetWin Surgemail 3.9e, and possibly other versions before 3.9g2, allows remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a long first argument to the APPEND command, a different vector than CVE-2008-1497 a...

4CVSS7.8AI score0.24277EPSS
Exploits2References4Affected Software1
CVE
CVE
added 2009/09/08 10:0 a.m.71 views

CVE-2008-7182

SurgeMail IMAP Service APPEND command Buffer Overflow (CVE-2008-7182) affects NetWin Surgemail 3.9e and possibly earlier versions up to 3.9g2. Affected component is the IMAP service; root cause is a buffer overflow triggered by a long first argument to the APPEND command. Impact stated: remote au...

4CVSS7.6AI score0.24277EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2009/09/08 10:0 a.m.21 views

CVE-2008-7182

Buffer overflow in the IMAP service in NetWin Surgemail 3.9e, and possibly other versions before 3.9g2, allows remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a long first argument to the APPEND command, a different vector than CVE-2008-1497 a...

7.3AI score0.24277EPSS
Exploits1References4
NVD
NVD
added 2008/12/11 3:30 p.m.18 views

CVE-2008-5421

The SSL web administration service in NetWin SmsGate 1.1n and earlier allows remote attackers to cause a denial of service hang via 1 a large integer in the Content-Length HTTP header; 2 an invalid value in the Content-Length HTTP header, as demonstrated by a negative integer; or 3 a missing...

5CVSS6.7AI score0.01435EPSS
Exploits1References3
Prion
Prion
added 2008/12/11 3:30 p.m.18 views

Hardcoded credentials

The SSL web administration service in NetWin SmsGate 1.1n and earlier allows remote attackers to cause a denial of service hang via 1 a large integer in the Content-Length HTTP header; 2 an invalid value in the Content-Length HTTP header, as demonstrated by a negative integer; or 3 a missing...

5CVSS7.2AI score0.01435EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2008/12/11 3:0 p.m.21 views

CVE-2008-5421

The SSL web administration service in NetWin SmsGate 1.1n and earlier allows remote attackers to cause a denial of service hang via 1 a large integer in the Content-Length HTTP header; 2 an invalid value in the Content-Length HTTP header, as demonstrated by a negative integer; or 3 a missing...

6.7AI score0.01435EPSS
Exploits1References3
CVE
CVE
added 2008/12/11 3:0 p.m.58 views

CVE-2008-5421

The CVE-2008-5421 issue affects NetWin SmsGate 1.1n and earlier, where the SSL web administration service can be remotely caused to hang (DoS) by HTTP Content-Length header values: (1) an excessively large integer, (2) an invalid value such as a negative integer, or (3) a missing Content-Length h...

5CVSS6.7AI score0.01435EPSS
Exploits1References3Affected Software1
securityvulns
securityvulns
added 2008/09/20 12:0 a.m.28 views

[AJECT] SurgeMail IMAP 3.9e vulnerability

---------------------------------------- Synopsis ---------------------------------------- SurgeMail Mail Server 3.9e Windows and Unix-based versions is vulnerable to denial-of-service DoS attacks. The nature of the crash may indicate a buffer overflow problem, but the developers claimed otherwis...

2.3AI score
Exploits0
NVD
NVD
added 2008/06/25 12:36 p.m.25 views

CVE-2008-2859

Unspecified vulnerability in the IMAP service in NetWin SurgeMail before 3.9g2 allows remote attackers to cause a denial of service daemon crash via unknown vectors related to an "imap command."...

5CVSS6.3AI score0.03377EPSS
Exploits0References6
Cvelist
Cvelist
added 2008/06/25 10:0 a.m.18 views

CVE-2008-2859

Unspecified vulnerability in the IMAP service in NetWin SurgeMail before 3.9g2 allows remote attackers to cause a denial of service daemon crash via unknown vectors related to an "imap command."...

6.3AI score0.03377EPSS
Exploits0References6
CVE
CVE
added 2008/06/25 10:0 a.m.59 views

CVE-2008-2859

NetWin SurgeMail IMAP service prior to 3.9g2 is affected by an unspecified vulnerability described as CVE-2008-2859 that allows remote attackers to cause a denial of service (daemon crash) via unknown vectors related to an “imap command.” The NVD entry lists this as a MEDIUM-severity issue (CVSSv...

5CVSS6.4AI score0.03377EPSS
Exploits0References6Affected Software1
Prion
Prion
added 2008/03/25 7:44 p.m.12 views

Stack overflow

Stack-based buffer overflow in the IMAP service in NetWin Surgemail 3.8k4-4 and earlier allows remote authenticated users to execute arbitrary code via a long first argument to the LIST command...

9CVSS8AI score0.07556EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2008/03/25 7:44 p.m.21 views

CVE-2008-1497

Stack-based buffer overflow in the IMAP service in NetWin SurgeMail 38k4-4 and earlier allows remote authenticated users to execute arbitrary code via long arguments to the LSUB command...

9CVSS7.6AI score0.06299EPSS
Exploits1References7
NVD
NVD
added 2008/03/25 7:44 p.m.21 views

CVE-2008-1498

Stack-based buffer overflow in the IMAP service in NetWin Surgemail 3.8k4-4 and earlier allows remote authenticated users to execute arbitrary code via a long first argument to the LIST command...

9CVSS7.6AI score0.07556EPSS
Exploits0References5
Prion
Prion
added 2008/03/25 7:44 p.m.13 views

Stack overflow

Stack-based buffer overflow in the IMAP service in NetWin SurgeMail 38k4-4 and earlier allows remote authenticated users to execute arbitrary code via long arguments to the LSUB command...

9CVSS8AI score0.06299EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2008/03/25 7:0 p.m.22 views

CVE-2008-1498

Stack-based buffer overflow in the IMAP service in NetWin Surgemail 3.8k4-4 and earlier allows remote authenticated users to execute arbitrary code via a long first argument to the LIST command...

7.6AI score0.07556EPSS
Exploits0References5
Rows per page
Query Builder