19 matches found
CLSA-2026-1775222005 python: Fix of CVE-2025-15367
CVE-2025-15367: reject control characters in POP3 commands to prevent command injection via newlines...
CLSA-2026-1774525255 python3.11: Fix of 4 CVEs
CVE-2026-0865: reject control characters in wsgiref.headers.Headers - CVE-2025-15366: reject control characters in IMAP commands - CVE-2025-15367: reject control characters in POP3 commands - CVE-2026-1299: verify headers are sound in email BytesGenerator...
CLSA-2026-1774520206 python3: Fix of CVE-2025-15367
CVE-2025-15367: reject control characters in POP3 commands to prevent command injection...
CLSA-2026-1774022191 python3.9: Fix of 4 CVEs
CVE-2026-0865: reject control characters in wsgiref headers - CVE-2025-15366: reject control characters in IMAP commands - CVE-2025-15367: reject control characters in POP3 commands - CVE-2026-1299: verify headers are sound in email BytesGenerator...
USN-8018-3 python2.7 vulnerabilities
USN-8018-1 fixed CVE-2025-12084, CVE-2025-15282, CVE-2026-0672, CVE-2026-0865 for python3. This update provides the corresponding updates for python2.7. Original advisory details: Denis Ledoux discovered that Python incorrectly parsed email message headers. An attacker could possibly use this iss...
CLSA-2026-1771931183 python2: Fix of CVE-2025-15367
CVE-2025-15367: reject control characters in POP3 commands to prevent command injection via embedded newlines...
CLSA-2026-1771930823 python2: Fix of CVE-2025-15367
CVE-2025-15367: reject control characters in POP3 commands to prevent command injection via embedded newlines...
CLSA-2026-1771499011 python3: Fix of 3 CVEs
CVE-2025-15366: reject control characters in IMAP commands - CVE-2025-15367: reject control characters in POP3 commands - CVE-2026-1299: reject the incorrectly folded headers in "BytesGenerator"...
CLSA-2026-1771494614 python3: Fix of 3 CVEs
CVE-2025-15366: reject control characters in IMAP commands - CVE-2025-15367: reject control characters in POP3 commands - CVE-2026-1299: reject the incorrectly folded headers in "BytesGenerator"...
CVE-2025-15367
A flaw was found in the poplib module in the Python standard library. The poplib module does not reject control characters, such as newlines, in user-controlled input passed to POP3 commands. This issue allows an attacker to inject additional commands to be executed in the POP3 server. Mitigation...
EUVD-2001-1059
Malware in sbrugna...
BaSoMail Multiple Buffer Overflow Denial of Service Exploit
No description provided by source. BaSoMail Multiple Buffer Overflow DOS 24 Oct 2004 - muts Probably exploitable - However, I lack sleep! import struct import socket print "\n\n" print "\nBaSoMail Multiple Buffer Overflow DOS" print "\nFound & coded by muts at whitehat.co.il" print "\nAlmost all...
BaSoMail Multiple Buffer Overflow Denial of Service Exploit
Exploit for unknown platform in category dos / poc =========================================================== BaSoMail Multiple Buffer Overflow Denial of Service Exploit =========================================================== BaSoMail Multiple Buffer Overflow DOS 24 Oct 2004 - muts Probably...
BaSoMail 1.24 - POP3 Server Denial of Service
source: https://www.securityfocus.com/bid/7724/info BaSoMail POP3 server has been reported prone to a remote denial of service vulnerability. It has been reported that a remote authenticated attacker, may supply negative value integers to several POP3 commands successively. If the attacker then...
CVE-2002-1066
Thomas Hauck Jana Server 1.4.6 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large message index value in a 1 RETR or 2 DELE command to the POP3 server, which exceeds the array limits and allows a buffer overflow attack...
CVE-2001-1078
Format string vulnerability in flog function of eXtremail 1.1.9 and earlier allows remote attackers to gain root privileges via format specifiers in the SMTP commands 1 HELO, 2 EHLO, 3 MAIL FROM, or 4 RCPT TO, and the POP3 commands 5 USER and 6 other commands that can be executed after POP3...
CVE-2001-1078
Format string vulnerability in flog function of eXtremail 1.1.9 and earlier allows remote attackers to gain root privileges via format specifiers in the SMTP commands 1 HELO, 2 EHLO, 3 MAIL FROM, or 4 RCPT TO, and the POP3 commands 5 USER and 6 other commands that can be executed after POP3...
Проблемы в SmartServer
Переполнение буфера в командах SMTP и POP3, кроме того, для для хранения паролей используется тривиальный обратимый алгоритм...
True North Software Internet Anywhere Mail Server 2.3.x - Mail Server Multiple Buffer Overflow
// source: https://www.securityfocus.com/bid/730/info // // True North Software's Internet Anywhere Mail Server has various weaknesses that could allow an attacker to remotely crash the server running this software.. The POP3 commands "list", "retr" .uidl" and "user" and the SMTP command "vrfy", ...