4 matches found
CVE-2006-0447
CVE-2006-0447 involves multiple buffer overflows in E-Post Mail Server 4.10 and SPA-PRO Mail @Solomon 4.00. The vulnerability allows remote code execution when an attacker supplies a long username in several protocols. Specifically, issues arise in the AUTH PLAIN and AUTH LOGIN SMTP commands (han...
CVE-2006-0448
The CVE-2006-0448 entry describes multiple directory traversal vulnerabilities in the IMAP service of E-Post Mail 4.05 and SPA-PRO Mail 4.05, affecting components EPSTIMAP4S.EXE and SPA-IMAP4S.EXE. Attackers could remotely list arbitrary directories or cause a denial of service via the LIST comma...
CVE-2006-0449
The CVE-2006-0449 entry describes an early termination vulnerability in the IMAP service of E-Post Mail 4.05 and SPA-PRO Mail 4.05. The underlying issue allows remote attackers to trigger a denial of service (infinite loop) by sending an APPEND command and disconnecting before the expected amount...
CVE-2008-2049
The CVE-2008-2049 entry affects E-Post Mail Server 4.10, specifically the POP3 server EPSTPOP3S.EXE v4.22. The vulnerability arises from handling of crafted APOP commands for a known POP3 account, which can disclose the user password in a POP3 error message. This is a remote-authenticated exposur...