CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2019-18862 – GNU Mailutils 3.7 - Privilege Escalation
https://notcve.org/view.php?id=CVE-2019-18862
maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode. maidag en GNU Mailutils versiones anteriores 3.8, se instaló un setuid y permite una escalada de privilegios locales en el modo url. GNU Mailutils versions 2.0 through 3.7 suffer from a local privilege escalation vulnerability. • https://www.exploit-db.com/exploits/47703 http://packetstormsecurity.com/files/155425/GNU-Mailutils-3.7-Privilege-Escalation.html https://git.savannah.gnu.org/cgit/mailutils.git/tree/NEWS https://security.gentoo.org/glsa/202006-12 •
CVSS: 7.5EPSS: 87%CPEs: 1EXPL: 4CVE-2005-2878 – GNU Mailutils imap4d 0.6 (FreeBSD) - 'Search' Remote Format String
https://notcve.org/view.php?id=CVE-2005-2878
Format string vulnerability in search.c in the imap4d server in GNU Mailutils 0.6 allows remote authenticated users to execute arbitrary code via format string specifiers in the SEARCH command. • https://www.exploit-db.com/exploits/1234 https://www.exploit-db.com/exploits/3787 https://www.exploit-db.com/exploits/1209 http://marc.info/?l=bugtraq&m=112785181316043&w=2 http://savannah.gnu.org/patch/index.php?func=detailitem&item_id=4407 http://secunia.com/advisories/16783 http://secunia.com/advisories/17020 http://www.debian.org/security/2005/dsa-841 http://www.gentoo.org/security/en/glsa/glsa-200509-10.xml http://www.idefense.com/application/poi/display&# •
CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 0CVE-2005-1522
https://notcve.org/view.php?id=CVE-2005-1522
The imap4d server for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows authenticated remote users to cause a denial of service (CPU consumption) via a large range value in the FETCH command. • http://secunia.com/advisories/15442 http://securitytracker.com/id?1014052 http://www.debian.org/security/2005/dsa-732 http://www.idefense.com/application/poi/display?id=247&type=vulnerabilities http://www.securityfocus.com/bid/13765 •
CVSS: 7.5EPSS: 5%CPEs: 2EXPL: 0CVE-2005-1521
https://notcve.org/view.php?id=CVE-2005-1521
Integer overflow in the fetch_io function of the imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a partial message request with a large value in the END parameter, which leads to a heap-based buffer overflow. • http://secunia.com/advisories/15442 http://securitytracker.com/id?1014052 http://www.debian.org/security/2005/dsa-732 http://www.idefense.com/application/poi/display?id=248&type=vulnerabilities http://www.securityfocus.com/bid/13763 •
CVSS: 7.5EPSS: 82%CPEs: 2EXPL: 1CVE-2005-1523 – GNU Mailutils imap4d 0.6 - Remote Format String
https://notcve.org/view.php?id=CVE-2005-1523
Format string vulnerability in imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via format string specifiers in the command tag for IMAP commands. • https://www.exploit-db.com/exploits/1123 http://secunia.com/advisories/15442 http://securitytracker.com/id?1014052 http://www.debian.org/security/2005/dsa-732 http://www.idefense.com/application/poi/display?id=246&type=vulnerabilities http://www.securityfocus.com/bid/13764 •