Eserv Security Vulnerabilities and Issues — Eserv CVE List

Lucene search

EtypeEserv

11 matches found

CVE•added 2000/12/19 5:0 a.m.•47 views

CVE-2000-0907

EServ 2.92 Build 2982 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via long HELO and MAIL FROM commands.

7.5CVSS8.1AI score0.02164EPSS

CVE•added 2002/05/16 4:0 a.m.•44 views

CVE-2002-0222

Etype Eserv 2.97 allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command.

7.5CVSS6.7AI score0.00717EPSS

CVE•added 2002/05/16 4:0 a.m.•42 views

CVE-2002-0221

Etype Eserv 2.97 allows remote attackers to cause a denial of service (resource exhaustion) via a large number of PASV commands that consume ports 1024 through 5000, which prevents the server from accepting valid PASV.

5CVSS7.2AI score0.00739EPSS

CVE•added 2006/06/02 12:2 a.m.•40 views

CVE-2006-2309

The HTTP service in EServ/3 3.25 allows remote attackers to obtain sensitive information via crafted HTTP requests containing dot, space, and slash characters, which reveals the source code of script files.

4CVSS6.4AI score0.00229EPSS

CVE•added 2001/01/22 5:0 a.m.•39 views

CVE-2000-0523

Buffer overflow in the logging feature of EServ 2.9.2 and earlier allows an attacker to execute arbitrary commands via a long MKD command.

10CVSS8AI score0.04585EPSS

CVE•added 2001/09/12 4:0 a.m.•38 views

CVE-1999-1509

Directory traversal vulnerability in Etype Eserv 2.50 web server allows a remote attacker to read any file in the file system via a .. (dot dot) in a URL.

5CVSS6.5AI score0.03447EPSS

CVE•added 2005/11/16 7:37 a.m.•38 views

CVE-2003-1266

The (1) FTP, (2) POP3, (3) SMTP, and (4) NNTP servers in EServer 2.92 through 2.97, and possibly 2.98, allow remote attackers to cause a denial of service (crash) via a large amount of data.

5CVSS7.1AI score0.12258EPSS

CVE•added 2003/06/16 4:0 a.m.•36 views

CVE-2003-0290

Memory leak in eServ 2.9x allows remote attackers to cause a denial of service (memory exhaustion) via a large number of connections, whose memory is not freed when the connection is terminated.

5CVSS6.9AI score0.13342EPSS

CVE•added 2006/06/02 12:2 a.m.•36 views

CVE-2006-2308

Directory traversal vulnerability in the IMAP service in EServ/3 3.25 allows remote authenticated users to read other user's email messages, create/rename arbitrary directories on the system, and delete empty directories via directory traversal sequences in the (1) CREATE, (2) SELECT, (3) DELETE, (...

5.5CVSS6.3AI score0.0223EPSS

CVE•added 2008/10/15 10:45 p.m.•34 views

CVE-2008-4588

Stack-based buffer overflow in the FTP server in Etype Eserv 3.x, possibly 3.26, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long argument to the ABOR command.

10CVSS8.1AI score0.09261EPSS

Web

CVE•added 2002/03/25 5:0 a.m.•31 views

CVE-2002-0112

Etype Eserv 2.97 allows remote attackers to view password protected files via /./ in the URL.

5CVSS7.2AI score0.07497EPSS