558 matches found
eXtremail 1.x/2.1 - Remote Format String (1)
// source: https://www.securityfocus.com/bid/2908/info eXtremail is a freeware SMTP server available for Linux and AIX. eXtremail contains a format-string vulnerability in its logging mechanism. Attackers can send SMTP commands argumented with maliciously constructed arguments that will exploit...
CVE-2001-0280
Buffer overflow in MERCUR SMTP server 3.30 allows remote attackers to execute arbitrary commands via a long EXPN command...
Advisory for Viking
Advisory for Viking Viking is made by Robtex. Site: http://www.robtex.com/viking by nemesystm of the DHC http://dhcorp.cjb.net - [email protected] ADV-0107 /-|=explanation=|- Viking is a webserver. It has a simple hex encoded dot dot bug. /-|=who is vulnerable=|- Tested to be vulnerable: Viki...
Lotus Domino SMTP Server Allows Anonymous Relay of Quoted Addresses
Overview Lotus Domino includes an SMTP server. Under certain configurations, an intruder may be able to relay mail to third parties through the Domino SMTP server. Description An "open" mail server is one that will send mail that is not addressed to and does not originate from a local user. Open...
CVE-2001-1445
Unknown vulnerability in the SMTP server in Lotus Domino 5.0 through 5.7 allows remote attackers to bypass mail relaying restrictions via crafted e-mail addresses in "RCPT TO" commands...
MERCUR SMTP Server EXPN Command Remote Overflow
It was possible to make the remote mail server crash when issuing a very long argument to the EXPN command. A remote attacker could exploit this flaw to crash the service, or possibly execute arbitrary code. C Tenable Network Security, Inc. Script audit and contributions from Carmichael Security...
Mercur Mailserver 3.3 buffer overflow with EXPN
By default SMTP server is installed to be run from LocalSystem account. This makes it easy to make any action on the target system if an attacker could gain control over the code execution flow of the product. Particulary, MERCUR SMTP-Service binary MCRSMTP.EXE version 3.30.3.0 suffers from buffe...
Atrium Software Mercur Mail Server 3.3 - EXPN Buffer Overflow
Atrium Software Mercur Mail Server 3.3 - EXPN Buffer Overflow // source: https://www.securityfocus.com/bid/2412/info Atrium Software Mercur Mail Server 3.3 contains an unchecked buffer for the EXPN command which may lead to a denial of service attack or execution of arbitrary code depending on th...
Atrium Software Mercur Mail Server 3.3 - EXPN Buffer Overflow
// source: https://www.securityfocus.com/bid/2412/info Atrium Software Mercur Mail Server 3.3 contains an unchecked buffer for the EXPN command which may lead to a denial of service attack or execution of arbitrary code depending on the data entered. If a remote attacker were to telnet to the SMT...
Buffer Overflow in Lotus Domino Mail Server
Overview Lotus Domino R5 SMTP Server Contains a Buffer Overflow Description The Lotus Domino R5 SMTP server allows an administrator to restrict the domains from which the server will accept mail. In versions of Domino R5 prior to version 5.0.6 with domain restrictions enabled an intruder may be...
Lotus Domino SMTP ENVID Variable Handling RCE
The Lotus Domino SMTP server running on the remote host is affected by a buffer overflow condition due to improper validation of input to the ENVID variable within a MAIL FROM command. An unauthenticated, remote attack can exploit this, via a overly long ENVID value, to cause a denial of service...
[SAFER] Buffer overflow in Lotus Domino SMTP Server
S.A.F.E.R. Security Bulletin 001103.EXP.1.9 TITLE : Buffer overflow in Lotus Domino SMTP Server DATE : November 03, 2000 NATURE : Remote execution of code, Denial-of-Service AFFECTED : Lotus Notes/Domino 5 up to and including 5.04 PROBLEM: Buffer overflow exists in Lotus Domino SMTP server, which...
Nevis Systems All-Mail 1.1 - Remote Buffer Overflow
Nevis Systems All-Mail 1.1 - Remote Buffer Overflow // source: https://www.securityfocus.com/bid/1789/info All-mail is an smtp server for Windows NT and 2000 platforms offered by Nevis Systems. It is vulnerable to remotely exploitable buffer overflow attacks that may lead to an attacker gaining...
Nevis Systems All-Mail 1.1 - Remote Buffer Overflow
// source: https://www.securityfocus.com/bid/1789/info All-mail is an smtp server for Windows NT and 2000 platforms offered by Nevis Systems. It is vulnerable to remotely exploitable buffer overflow attacks that may lead to an attacker gaining control of the victim host. The condition is known to...
ITHouse Mail Server v1.04 To: Field Handling Overflow
The remote SMTP server is ITHouse Mail Server. Versions 1.04 or earlier of this server are vulnerable to a buffer overrun which happens during the delivery routine of the mails if an attacker has sent a message with a too long 'To:' field. An attacker may use this flaw to execute arbitrary code o...
NetWin DSMTP (Dmail) ETRN Command Overflow
The remote SMTP server is vulnerable to a buffer overflow when the ETRN command is issued arguments which are too long. A remote attacker could exploit this to crash the SMTP server, or possibly execute arbitrary code. C Tenable Network Security, Inc. include"compat.inc"; if description...
Imate SMTP Server HELO Command Remote Overflow DoS
The remote SMTP server crashes when it is issued a HELO command with an argument longer than 1200 chars. This problem may allow an attacker to shut down your SMTP server. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10435; scriptversion "1.28";...
Infinite loop in LOTUS NOTE 5.0.3. SMTP SERVER
Maybe this is a configuration error in the server where I tryed this but anyway here is the message that I sent : helo xpto.pt mail from: non-existant-user@ipadressoflotusserver mail to : non-existant-user data testing123 . So Lotus Notes SMTP Server now will loop forever trying to tell to the...
Nosque Workshop MsgCore 1.9 - Denial of Service
source: https://www.securityfocus.com/bid/930/info There is a denial of service condition in Nosque Workshop's MsgCore SMTP server. The problem lies in memory used to store server input not being deallocated and eventually exhausted, causing the target NT host to freeze requiring a reboot. If a...
CSM Mail Server MTA 'HELO' DoS
The remote SMTP server is vulnerable to a buffer overflow attack. This issue is triggered by issuing the 'HELO' command followed by a long argument. A remote attacker could exploit this to crash the server, or possibly execute arbitrary code. C Tenable Network Security, Inc. include"compat.inc"; ...