10 results (0.006 seconds)

CVSS: 5.0EPSS: 1%CPEs: 14EXPL: 0

Clearswift MAILsweeper for SMTP before 4.3_13 allows remote attackers to cause a denial of service (infinite loop) via an e-mail with a crafted RAR archive attached. • http://www.osvdb.org/3742 http://www.secunia.com/advisories/10732 http://www.securityfocus.com/bid/9556 https://exchange.xforce.ibmcloud.com/vulnerabilities/14979 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Clearswift MAILsweeper before 4.3.15 does not properly detect and filter RAR 3.20 encoded files, which allows remote attackers to bypass intended policy. Clearswift MAILsweepe anteriores a 4.3.15 no detecta y filtra adecuadamente ficheros codificados RAR 3.20, lo que permite a atacantes remotos saltarse la política pretendida. • http://marc.info/?l=bugtraq&m=109241692108678&w=2 http://www.corsaire.com/advisories/c030807-001.txt •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Clearswift MAILsweeper before 4.3.15 does not properly detect filenames in BinHex (HQX) encoded files, which allows remote attackers to bypass intended policy. Clearswift MAILsweeper anteriores a 4.3.15 no detecta nombres de fichero en ficheros codificados BinHex (HQX), lo que permite a atacantes remotos sortear la política pretendida. • http://marc.info/?l=bugtraq&m=109241692108678&w=2 http://www.corsaire.com/advisories/c030807-001.txt •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Clearswift MAILsweeper before 4.3.15 does not properly detect and filter ZIP 6.0 encoded files, which allows remote attackers to bypass intended policy. Cleanswift MAILsweeper anteriores a 4.3.15 no detectan y filtran de manera adecuada ficheros codificados ZIP 6.0, lo que permite a atacantes remotos saltarse la política pretendida. • http://marc.info/?l=bugtraq&m=109241692108678&w=2 http://www.corsaire.com/advisories/c030807-001.txt •

CVSS: 6.4EPSS: 0%CPEs: 50EXPL: 1

Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path"). Múltiples vulnerabilidades de atravesamiento de directorios en LHA 1.14 permite a atacantes locales o usuarios locales crear ficheros arbitrarios mediante un archivo LHA conteniendo nombres de fichero con secuencias (1) ".." (punto punto) o (2) rutas absolutas con barra inicial doble ("//ruta/absoluta"). • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000840 http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html http://marc.info/?l=bugtraq&m=108422737918885&w=2 http://security.gentoo.org/glsa/glsa-200405-02.xml http://www.debian.org/security/2004/dsa-515 http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html http://www.redhat.com/support/errata/RHSA-2004-178.html http://www.redhat.com/support/errata/RHSA-2004-179.html h •