Cobalt Raq 2 Security Vulnerabilities - CVSS Score 5 - 6

CVE-1999-0831

Denial of service in Linux syslogd via a large number of connections.

CVE-2000-0234

The default configuration of Cobalt RaQ2 and RaQ3 as specified in access.conf allows remote attackers to view sensitive contents of a .htaccess file.

CVE-2000-0320

Qpopper 2.53 and 3.0 does not properly identify the \n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 1023 characters long and ends in \n.

CVE-2002-0347

Directory traversal vulnerability in Cobalt RAQ 4 allows remote attackers to read password-protected files, and possibly files outside the web root, via a .. (dot dot) in an HTTP request.