
12 matches found

Snyk
added 2026/04/24 4:32 p.m. · 2 views

Missing Authentication for Critical Function

Overview: Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the ServeHTTP function, which does not sufficiently sanitize X- alias headers. An attacker can gain unauthenticated access to protected endpoints by injecting spoofed trust context with...

CVSS 10 · AI score 5.5 · EPSS 0.00088
Exploits 1 · References 2

SUSE CVE
added 2023/02/15 6:4 a.m. · 1 view

SUSE CVE-2009-1490

Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header...

CVSS 5 · AI score 8.2 · EPSS 0.07785
Exploits 1 · References 4

ATTACKERKB
added 2022/08/31 4:15 p.m. · 4 views

CVE-2022-1325

A flaw was found in Clmg, where with the help of a maliciously crafted pandore or bmp file with modified dx and dy header field values it is possible to trick the application into allocating huge buffer sizes like 64 Gigabyte upon reading the file from disk or from a virtual buffer...

CVSS 5.5 · AI score 6 · EPSS 0.00026
Exploits 1 · References 7

exploitpack
added 2009/05/27 12:0 a.m. · 28 views

Sendmail 8.12.x - X-header Remote Heap Buffer Overflow (PoC)

Sendmail 8.12.x - X-header Remote Heap Buffer Overflow PoC
Source: https://www.securityfocus.com/bid/34944/info
Sendmail is prone to a heap-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied input before copying it to an insufficiently sized buffer...

AI score 0.7
Exploits 0

OpenVAS
added 2009/05/22 12:0 a.m. · 19 views

McAfee GroupShield for Exchange X-Header Security Bypass Vulnerability

This host has McAfee GroupShield for Microsoft Exchange installed and is prone to an X-Header Security Bypass Vulnerability. OpenVAS Vulnerability Test $Id: gbmcafeegroupshieldexchangesecbypassvuln.nasl 8197 2017-12-20 12:50:38Z cfischer $ McAfee GroupShield for Exchange X-Header Security Bypass...

CVSS 9.3 · AI score 0.9 · EPSS 0.00247
Exploits 1 · References 2

OpenVAS
added 2009/05/22 12:0 a.m. · 15 views

McAfee GroupShield for Exchange X-Header Security Bypass Vulnerability

McAfee GroupShield for Microsoft Exchange is prone to an X-Header security bypass vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-onl...

CVSS 9.3 · AI score 6.9 · EPSS 0.00247
Exploits 1 · References 3

seebug.org
added 2009/05/17 12:0 a.m. · 62 views

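Sendmail X-header Remote Heap Overflow Vulnerability

BUGTRAQ ID: 34944 CVE(CAN) ID: CVE-2009-1490 Sendmail is a mail transfer agent (MTA) used by many large sites. If a remote attacker sends Sendmail a malformed message containing an overlong X-header, a heap overflow can be triggered, leading to denial of service or arbitrary code execution. Sendmail 8.13.2 Sendmail Consortium ------------------- The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page: http://www.sendmail.org/releases/8.13.2 $ telnet example.com 25...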

CVSS 5 · AI score 6.4 · EPSS 0.07785
Exploits 1

OSV
added 2009/05/05 7:30 p.m. · 1 view

DEBIAN-CVE-2009-1490

Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header...

CVSS 5 · AI score 7.9 · EPSS 0.07785
Exploits 1 · References 1

UbuntuCve
added 2009/05/05 7:30 p.m. · 30 views

CVE-2009-1490

Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header...

CVSS 5 · AI score 6.1 · EPSS 0.07785
Exploits 1 · References 1

Cvelist
added 2005/06/21 4:0 a.m. · 15 views

CVE-2002-1721

Off-by-one error in alterMIME 0.1.10 and 0.1.11 allows remote attackers to cause a denial of service (crash) via an x-header that causes snprintf to overwrite the FFGETFILE variable with a null byte...

AI score 7.4 · EPSS 0.01414
Exploits 0 · References 3

Debian CVE
added 2005/06/21 4:0 a.m. · 20 views

CVE-2002-1721

Off-by-one error in alterMIME 0.1.10 and 0.1.11 allows remote attackers to cause a denial of service (crash) via an x-header that causes snprintf to overwrite the FFGETFILE variable with a null byte...

CVSS 7.5 · AI score 6.3 · EPSS 0.01414
Exploits 0

Positive Technologies
added 2002/12/31 12:0 a.m. · 3 views

PT-2002-2443 · Altermime · Altermime

Name of the Vulnerable Software and Affected Versions: alterMIME versions 0.1.10 through 0.1.11
Description: The issue is caused by an off-by-one error that allows remote attackers to cause a denial of service, resulting in a crash. This is achieved via an x-header that causes snprintf to overwri...

CVSS 7.5 · AI score 6.7 · EPSS 0.01414
Exploits 0 · References 5