EUVD-2003-1192

Malware in sbrugna...

EUVD-2004-1985

Malware in sbrugna...

CVE-2004-1993

The CVE-2004-1993 issue affects omail webmail 0.98.5 and stems from an incomplete patch to the checklogin function in omail.pl, which allows remote attackers to run arbitrary commands via shell metacharacters such as backticks in the password. NVD lists a CVSS2 base score of 10.0 (NETWORK, LOW co...

CVE-2003-1202

The checklogin function in omail.pl for omail webmail 0.98.4 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a 1 password, 2 domainname, or 3 username...

CVE-2004-1993

The patch to the checklogin function in omail.pl for omail webmail 0.98.5 is incomplete, which allows remote attackers to execute arbitrary commands via shell metacharacters such as "" backticks in the password...

Remote Execution of Commands in Omail Webmail 0.98.4 and earlier

Product: Omail Webmail Author: Olivier Mueller Vulnerable Versions: - 0.98.x - 0.97.x - ... Omail is a Webmail coded in perl for qmail, optionally with vmailmgr or vpopmail. There is a security flaw in Omail which, if installed by default, allows for remote root access. The minimum risk is exposu...

CVE-2003-1202

The checklogin function in omail.pl for omail webmail 0.98.4 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a 1 password, 2 domainname, or 3 username...