5 matches found
EUVD-2002-0415
Malware in sbrugna...
CVE-2002-0418
Directory traversal vulnerability in the com.endymion.sake.servlet.mail.MailServlet servlet for Endymion SakeMail 1.0.36 and earlier allows remote attackers to read arbitrary files via a .. dot dot and a null character in the paramname parameter...
CVE-2002-0418
The CVE-2002-0418 issue affects Endymion SakeMail prior to 1.0.36, specifically the com.endymion.sake.servlet.mail.MailServlet. The vulnerability is a directory-traversal in the param_name parameter, triggered by a ". ." sequence and a null character, allowing remote attackers to read arbitrary f...
CVE-2002-0418
Directory traversal vulnerability in the com.endymion.sake.servlet.mail.MailServlet servlet for Endymion SakeMail 1.0.36 and earlier allows remote attackers to read arbitrary files via a .. dot dot and a null character in the paramname parameter...
Endymion SakeMail and MailMan File Disclosure Vulnerability
Product: SakeMail - Webmailsystem http://www.endymion.com Problem Description: due to missing input-validation it is possible to read xml/other files with sakemails permissions read THIS javanullbyte.html for additional infos on nullbytes and java-classes! Example: a HTTP-request to:...