9 matches found
GHSA-524M-Q5M7-79MM Mailpit is vulnerable to Cross-Site WebSocket Hijacking (CSWSH) allowing unauthenticated access to emails
Summary The Mailpit WebSocket server is configured to accept connections from any origin. This lack of Origin header validation introduces a Cross-Site WebSocket Hijacking CSWSH vulnerability. An attacker can host a malicious website that, when visited by a developer running Mailpit locally,...
EUVD-2006-2914
Malware in sbrugna...
CVE-2020-27742
An Insecure Direct Object Reference vulnerability in Citadel WebCit through 926 allows authenticated remote attackers to read someone else's emails via the msgconfirmmove template. NOTE: this was reported to the vendor in a publicly archived "Multiple Security Vulnerabilities in WebCit 926" threa...
CVE-2019-12635
CVE-2019-12635 affects Cisco’s Content Security Management Appliance (SMA) software. The issue is in the authorization module where role permission controls are not correctly enforced, enabling an authenticated, remote attacker with a crafted/custom role to cause out-of-scope access to users’ ema...
Extmail security vulnerabilities-vulnerability warning-the black bar safety net
Vulnerability description: ExtMail Project is an active open source messaging system project is currently by ExtMail team maintenance. The item in 2 0 0 5 years 9 on 1 8 November the official launch, initially in the WebMail software is based, has been gradually formed ExtMail software series. Th...
CVE-2006-7111
Unspecified vulnerability in Futomi's CGI Cafe KMail CGI 1.0.3 and earlier allows remote attackers to bypass authentication and obtain unauthorized email access via unspecified vectors...
Foxmail 5.0 - PunyLib.dll Remote Stack Overflow
Foxmail 5.0 - PunyLib.dll Remote Stack Overflow / fmx.c - x86/win32 Foxmail 5.0 PunyLib.dll remote stack buffer overflow exploit C COPYRIGHT XFOCUS Security Team, 2004 All Rights Reserved ----------------------------------------------------------------------- Author : xfocus : http://www.xfocus.o...
Novell Groupwise contains protocol implementation vulnerability allowing email to be viewed by unauthorized user
Overview Novell GroupWise is an email storage program. Email is encrypted when stored. Usernames and passwords can be acquired by sniffing communications between the client and server. Description In Novell GroupWise email is stored as encrypted data. Clients and servers operating in Live Remote ...
elm_filter.txt
Subject: elm filter program To: [email protected] Mark Ultor wrote: I've found a bug in filter on Elm 2.4 PL25. filter got SGID on mail group. sowatech:$ filter -f perl -e ' print "A" x 5000' Segmentation fault "filter" is inherently unsafe. A bug has been described in 1995 which allows...