CVE-2006-2659
https://notcve.org/view.php?id=CVE-2006-2659
libs/comverp.c in Courier MTA before 0.53.2 allows attackers to cause a denial of service (CPU consumption) via unknown vectors involving usernames that contain the "=" (equals) character, which is not properly handled during encoding. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=368834 http://secunia.com/advisories/20519 http://secunia.com/advisories/20548 http://secunia.com/advisories/20792 http://secunia.com/advisories/21350 http://security.gentoo.org/glsa/glsa-200608-06.xml http://securitytracker.com/id?1016248 http://www.courier-mta.org/beta/patches/verp-fix/README.txt http://www.debian.org/security/2006/dsa-1101 http://www.securityfocus.com/bid/18345 http://www.vupen.com/english/advisori •
CVE-2002-1311
https://notcve.org/view.php?id=CVE-2002-1311
Courier sqwebmail before 0.40.0 does not quickly drop privileges after startup in certain cases, which could allow local users to read arbitrary files. Courier sqwebmail antes de 0.40.0 no deja privilegios rápidamente despues del inicio, lo que podría permitir a usuarios locales leer ficheros arbitrarios. • http://marc.info/?l=bugtraq&m=103794021013436&w=2 http://www.debian.org/security/2002/dsa-197 http://www.iss.net/security_center/static/10643.php http://www.securityfocus.com/bid/6189 •