7 results (0.018 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1

maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode. maidag en GNU Mailutils versiones anteriores 3.8, se instaló un setuid y permite una escalada de privilegios locales en el modo url. GNU Mailutils versions 2.0 through 3.7 suffer from a local privilege escalation vulnerability. • https://www.exploit-db.com/exploits/47703 http://packetstormsecurity.com/files/155425/GNU-Mailutils-3.7-Privilege-Escalation.html https://git.savannah.gnu.org/cgit/mailutils.git/tree/NEWS https://security.gentoo.org/glsa/202006-12 •

CVSS: 7.5EPSS: 87%CPEs: 1EXPL: 4

Format string vulnerability in search.c in the imap4d server in GNU Mailutils 0.6 allows remote authenticated users to execute arbitrary code via format string specifiers in the SEARCH command. • https://www.exploit-db.com/exploits/1234 https://www.exploit-db.com/exploits/3787 https://www.exploit-db.com/exploits/1209 http://marc.info/?l=bugtraq&m=112785181316043&w=2 http://savannah.gnu.org/patch/index.php?func=detailitem&item_id=4407 http://secunia.com/advisories/16783 http://secunia.com/advisories/17020 http://www.debian.org/security/2005/dsa-841 http://www.gentoo.org/security/en/glsa/glsa-200509-10.xml http://www.idefense.com/application/poi/display&# •

CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 0

The imap4d server for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows authenticated remote users to cause a denial of service (CPU consumption) via a large range value in the FETCH command. • http://secunia.com/advisories/15442 http://securitytracker.com/id?1014052 http://www.debian.org/security/2005/dsa-732 http://www.idefense.com/application/poi/display?id=247&type=vulnerabilities http://www.securityfocus.com/bid/13765 •

CVSS: 7.5EPSS: 5%CPEs: 2EXPL: 0

Integer overflow in the fetch_io function of the imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a partial message request with a large value in the END parameter, which leads to a heap-based buffer overflow. • http://secunia.com/advisories/15442 http://securitytracker.com/id?1014052 http://www.debian.org/security/2005/dsa-732 http://www.idefense.com/application/poi/display?id=248&type=vulnerabilities http://www.securityfocus.com/bid/13763 •

CVSS: 7.5EPSS: 82%CPEs: 2EXPL: 1

Format string vulnerability in imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via format string specifiers in the command tag for IMAP commands. • https://www.exploit-db.com/exploits/1123 http://secunia.com/advisories/15442 http://securitytracker.com/id?1014052 http://www.debian.org/security/2005/dsa-732 http://www.idefense.com/application/poi/display?id=246&type=vulnerabilities http://www.securityfocus.com/bid/13764 •