Lucene search
K

103 matches found

Cvelist
Cvelist
added 2017/06/12 8:0 p.m.26 views

CVE-2015-9097

The mail gem before 2.5.5 for Ruby aka A Really Ruby Mail Library is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring...

6.8AI score0.03358EPSS
Exploits1References7
Debian CVE
Debian CVE
added 2017/06/12 8:0 p.m.17 views

CVE-2015-9097

The mail gem before 2.5.5 for Ruby aka A Really Ruby Mail Library is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring...

6.1CVSS6.8AI score0.03358EPSS
Exploits1
Debian CVE
Debian CVE
added 2017/06/12 8:0 p.m.31 views

CVE-2015-9096

Removed by vendor...

6.1CVSS7.8AI score0.03675EPSS
Exploits1
Hacker One
Hacker One
added 2016/05/10 7:39 p.m.51 views

Ruby: SMTP command injection

Net::SMTP is vulnerable to RCPT TO/MAIL FROM injection due to lack of input validation and conformance to the SMTP protocol. Publicly disclosed already: http://www.mbsd.jp/Whitepaper/smtpi.pdf People are wrongly assigning this to the mail gem http://rubysec.com/advisories/OSVDB-131677/ and thinki...

0.1AI score
Exploits0
OSV
OSV
added 2015/12/16 9:59 p.m.8 views

CVE-2015-8476

Multiple CRLF injection vulnerabilities in PHPMailer before 5.2.14 allow attackers to inject arbitrary SMTP commands via CRLF sequences in an 1 email address to the validateAddress function in class.phpmailer.php or 2 SMTP command to the sendCommand function in class.smtp.php, a different...

7.1AI score
Exploits0References8
OSV
OSV
added 2015/12/16 9:59 p.m.1 views

DEBIAN-CVE-2015-8476

Multiple CRLF injection vulnerabilities in PHPMailer before 5.2.14 allow attackers to inject arbitrary SMTP commands via CRLF sequences in an 1 email address to the validateAddress function in class.phpmailer.php or 2 SMTP command to the sendCommand function in class.smtp.php, a different...

5CVSS8.2AI score0.01988EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2015/12/16 9:59 p.m.21 views

CVE-2015-8476

Multiple CRLF injection vulnerabilities in PHPMailer before 5.2.14 allow attackers to inject arbitrary SMTP commands via CRLF sequences in an 1 email address to the validateAddress function in class.phpmailer.php or 2 SMTP command to the sendCommand function in class.smtp.php, a different...

5CVSS7.2AI score0.01988EPSS
Exploits0References2
OSV
OSV
added 2015/12/16 9:59 p.m.5 views

UBUNTU-CVE-2015-8476

Multiple CRLF injection vulnerabilities in PHPMailer before 5.2.14 allow attackers to inject arbitrary SMTP commands via CRLF sequences in an 1 email address to the validateAddress function in class.phpmailer.php or 2 SMTP command to the sendCommand function in class.smtp.php, a different...

5CVSS7.3AI score0.01988EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2015/12/16 9:0 p.m.43 views

CVE-2015-8476

Multiple CRLF injection vulnerabilities in PHPMailer before 5.2.14 allow attackers to inject arbitrary SMTP commands via CRLF sequences in an 1 email address to the validateAddress function in class.phpmailer.php or 2 SMTP command to the sendCommand function in class.smtp.php, a different...

5CVSS8.2AI score0.01988EPSS
Exploits0
RubySec
RubySec
added 2015/12/09 12:0 a.m.28 views

SMTP command injection

Net::SMTP is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring. Applications that validate email address format are not affected by this vulnerability. The injection attack is...

6.1CVSS6.9AI score0.03675EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2010/04/13 12:0 a.m.302 views

MS10-024: Vulnerabilities in Microsoft Exchange and Windows SMTP Service Could Allow Denial of Service (981832) (uncredentialed check)

The installed version of Microsoft Exchange / Windows SMTP Service is affected by at least one vulnerability : - Incorrect parsing of DNS Mail Exchanger MX resource records could cause the Windows Simple Mail Transfer Protocol SMTP component to stop responding until the service is restarted...

5CVSS5.5AI score0.21491EPSS
Exploits1References3
Prion
Prion
added 2008/07/27 11:41 p.m.12 views

Sql injection

Unspecified vulnerability in PunBB before 1.2.19 allows remote attackers to inject arbitrary SMTP commands via unknown vectors...

10CVSS7.5AI score0.0266EPSS
Exploits0References6Affected Software1
securityvulns
securityvulns
added 2007/08/13 12:0 a.m.38 views

Qbik WinGate format string vulnerability

Unsafe vsprintf call on invalid SMTP command...

2.1AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2006/02/28 12:0 a.m.41 views

[ISecAuditors Advisories] IMAP/SMTP Injection in SquirrelMail

============================================= INTERNET SECURITY AUDITORS ALERT 2006-002 - Original release date: February 27, 2006 - Last revised: February 27, 2006 - Discovered by: Vicente Aguilera Diaz - Severity: 3/5 ============================================= I. VULNERABILITY...

5CVSS0.3AI score0.02296EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2005/08/02 12:0 a.m.13 views

BusinessMail SMTP < 4.7 Multiple Command Remote Overflows

Binary data 3155.prm...

5CVSS7.3AI score0.04583EPSS
Exploits1References1
securityvulns
securityvulns
added 2005/07/13 12:0 a.m.22 views

Multiple SoftiaCom wMailServer vulnerabilities

Users passwords are stored in unsafe place. Buffer overflow on oversized SMTP command...

5.2AI score
Exploits0References2Affected Software1
NVD
NVD
added 2005/05/11 4:0 a.m.22 views

CVE-2005-1514

commands.c in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SMTP command without a space character, which causes an array to be referenced with a negative index...

5CVSS9.7AI score0.06572EPSS
Exploits2References11
Cvelist
Cvelist
added 2005/05/11 4:0 a.m.28 views

CVE-2005-1514

commands.c in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SMTP command without a space character, which causes an array to be referenced with a negative index...

8.9AI score0.06572EPSS
Exploits2References11
Debian CVE
Debian CVE
added 2005/05/11 4:0 a.m.38 views

CVE-2005-1514

Removed by vendor...

5CVSS7.4AI score0.06572EPSS
Exploits2
securityvulns
securityvulns
added 2004/04/27 12:0 a.m.25 views

Remote Format String Vulnerabilities in eXtremail

Package: eXtremail Auth: http://www.extremail.com/ Versions: 1.5.9 current release Vulnerability: Format String What’s eXtremail: eXtremail is a Unix mail server that supports SMTP/POP3/IMAP protocols. It includes support for virtual domains, spoofing attack ,SSL connection and Antivirus checking...

0.3AI score
Exploits0
Rows per page
Query Builder