vpopmail software vulnerabilities
vulnerabilities.aspcode.net
Searching vpopmail software vulnerabilities
** DISPUTED ** Format string vulnerability in v
vulnerability
|
vsybasec
|
DISPUTED
|
vpopmail
|
Format
|
string
|
** DISPUTED ** Format string vulnerability in vsybase.c in vpopmail 5.4.2 and earlier has unknown impact and attack vectors. NOTE: in a followup post, it was observed that the source code used constants that, when compiled, became static format strings. Thus this is not a vulnerability.
Buffer overflow in vsybase.c in vpopmail 5.4.2
vsybasec
|
vpopmail
|
overflow
|
Buffer
|
Buffer overflow in vsybase.c in vpopmail 5.4.2 and earlier might allow attackers to cause a denial of service or execute arbitrary code.
vpopmail 5.4.14 and 5.4.15, with cleartext pass
vpopmail
|
vpopmail 5.4.14 and 5.4.15, with cleartext passwords enabled, allows remote attackers to authenticate to an account that does not have a cleartext password set by using a blank password to (1) SMTP AUTH or (2) APOP.
SpamAssassin before 3.1.3, when running with vp
SpamAssassin
|
before
|
SpamAssassin before 3.1.3, when running with vpopmail and the paranoid (-P) switch, allows remote attackers to execute arbitrary commands via a crafted message that is not properly handled when invoking spamd with the virtual pop username.
SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 200
SpamAssassin
|
31x
|
SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before Monday, June 11, 2007, when running as root in unusual configurations using vpopmail or virtual users, allows local users to cause a denial of service (corrupt arbitrary files) via a symlink attack on a file that is used by spamd.
Software vulnerabilities results 1 to 6 of 6
Page:
1