CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2019-18862 – GNU Mailutils 3.7 - Privilege Escalation
https://notcve.org/view.php?id=CVE-2019-18862
maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode. maidag en GNU Mailutils versiones anteriores 3.8, se instaló un setuid y permite una escalada de privilegios locales en el modo url. GNU Mailutils versions 2.0 through 3.7 suffer from a local privilege escalation vulnerability. • https://www.exploit-db.com/exploits/47703 http://packetstormsecurity.com/files/155425/GNU-Mailutils-3.7-Privilege-Escalation.html https://git.savannah.gnu.org/cgit/mailutils.git/tree/NEWS https://security.gentoo.org/glsa/202006-12 •
CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 0CVE-2005-1522
https://notcve.org/view.php?id=CVE-2005-1522
The imap4d server for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows authenticated remote users to cause a denial of service (CPU consumption) via a large range value in the FETCH command. • http://secunia.com/advisories/15442 http://securitytracker.com/id?1014052 http://www.debian.org/security/2005/dsa-732 http://www.idefense.com/application/poi/display?id=247&type=vulnerabilities http://www.securityfocus.com/bid/13765 •
CVSS: 7.5EPSS: 5%CPEs: 2EXPL: 0CVE-2005-1521
https://notcve.org/view.php?id=CVE-2005-1521
Integer overflow in the fetch_io function of the imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a partial message request with a large value in the END parameter, which leads to a heap-based buffer overflow. • http://secunia.com/advisories/15442 http://securitytracker.com/id?1014052 http://www.debian.org/security/2005/dsa-732 http://www.idefense.com/application/poi/display?id=248&type=vulnerabilities http://www.securityfocus.com/bid/13763 •
CVSS: 7.5EPSS: 82%CPEs: 2EXPL: 1CVE-2005-1523 – GNU Mailutils imap4d 0.6 - Remote Format String
https://notcve.org/view.php?id=CVE-2005-1523
Format string vulnerability in imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via format string specifiers in the command tag for IMAP commands. • https://www.exploit-db.com/exploits/1123 http://secunia.com/advisories/15442 http://securitytracker.com/id?1014052 http://www.debian.org/security/2005/dsa-732 http://www.idefense.com/application/poi/display?id=246&type=vulnerabilities http://www.securityfocus.com/bid/13764 •
CVSS: 7.5EPSS: 11%CPEs: 2EXPL: 1CVE-2005-1520 – GNU Mailutils 0.6 - Mail Email Header Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-1520
Buffer overflow in the header_get_field_name function in header.c for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a crafted e-mail. • https://www.exploit-db.com/exploits/25706 http://secunia.com/advisories/15442 http://securitytracker.com/id?1014052 http://www.debian.org/security/2005/dsa-732 http://www.idefense.com/application/poi/display?id=249&type=vulnerabilities http://www.securityfocus.com/bid/13766 •