Lucene search
K
NetwinDmail

6 matches found

CVE
CVE
added 2002/06/11 4:0 a.m.51 views

CVE-2001-1354

The CVE-2001-1354 entry concerns the NetWin Authentication module (NWAuth) versions 2.0 and 3.0b, as implemented in SurgeFTP and DMail (and possibly other packages). The root cause is weak password hashing used by NWAuth, which could enable local users to decrypt stored passwords or to log in wit...

4.6CVSS7AI score0.00778EPSS
CVE
CVE
added 2002/06/11 4:0 a.m.51 views

CVE-2001-1355

Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and earlier, as implemented in DMail and SurgeFTP (and possibly other packages), could allow attackers to execute arbitrary code via long arguments to the -del or -lookup commands. The vulnerability is a result of unsafe handling of l...

10CVSS8.2AI score0.03565EPSS
CVE
CVE
added 2005/05/11 4:0 a.m.51 views

CVE-2005-1478

CVE-2005-1478 affects NetWin DMail 3.1a DSmtp (dsmtp.exe) where a format-string vulnerability in the xtellmail command allows remote code execution. The root cause is improper handling of format specifiers in DSmtp; impact is arbitrary code execution on the server. Public exploit details are not ...

7.5CVSS7.7AI score0.04837EPSS
CVE
CVE
added 2000/06/15 4:0 a.m.50 views

CVE-2000-0422

CVE-2000-0422 : Buffer overflow in the Netwin DMailWeb CGI program allows remote attackers to execute arbitrary commands via a long utoken parameter. Affected component: Netwin DMailWeb CGI. Impact: arbitrary command execution; no patch/mitigation details are provided in the supplied documents. E...

7.5CVSS8.2AI score0.0203EPSS
CVE
CVE
added 2000/10/13 4:0 a.m.40 views

CVE-2000-0490

CVE-2000-0490 : Buffer overflow in the NetWin DSMTP 2.7q (NetWin dmail) allows remote attackers to execute arbitrary commands via a long ETRN request. Affected component is the DSMTP server; root cause is a buffer overflow in processing the ETRN arguments, leading to potentially arbitrary code ex...

10CVSS7.8AI score0.0624EPSS
CVE
CVE
added 2005/05/11 4:0 a.m.37 views

CVE-2005-1516

The CVE-2005-1516 issue affects NetWin DMail 3.1a’s DList component. The vulnerability enables a remote attacker to bypass authentication, read log files, and shut down the system by sending a log request (sendlog) with an incorrect password hash, which is not properly handled by the internal _cm...

7.5CVSS6.9AI score0.01635EPSS