CVE-2011-3208 – cyrus-imapd: nntpd buffer overflow in split_wildmats()
https://notcve.org/view.php?id=CVE-2011-3208
Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command.
References:
• http://asg.andrew.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce&msg=199
• http://asg.andrew.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce&msg=200
• http://git.cyrusimap.org/cyrus-imapd/commit/?id=0f8f026699829b65733c3081657b24e2174f4f4d
• http://git.cyrusimap.org/cyrus-imapd/commit/?id=3244c18c928fa331f6927e2b8146abe90feafddd
• http://lists.opensuse.org/opensuse-updates/2011-09/msg00019.html
• http://secunia.com/advisories/45938
• http://secunia.com/advisories/45975
• http://secunia.com/advisories
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1926 – cyrus-imapd: STARTTLS plaintext command injection
https://notcve.org/view.php?id=CVE-2011-1926
The STARTTLS implementation in Cyrus IMAP Server before 2.4.7 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
References:
• http://bugzilla.cyrusimap.org/show_bug.cgi?id=3423
• http://bugzilla.cyrusimap.org/show_bug.cgi?id=3424
• http://git.cyrusimap.org/cyrus-imapd/patch/?id=523a91a5e86c8b9a27a138f04a3e3f2d8786f162
• http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061374.html
• http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061415.html
• http://openwall.com/lists/oss-security/2011/05/17/15
• http://openwall.com/lists/oss-security/2011/05/17/2
• http://secunia.com/advisories/44670
• ht
CWE-264: Permissions, Privileges, and Access Controls
CVE-2009-2632 – cyrus-imapd: buffer overflow in cyrus sieve
https://notcve.org/view.php?id=CVE-2009-2632
Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
References:
• http://dovecot.org/list/dovecot-news/2009-September/000135.html
• http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
• http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html
• http://secunia.com/advisories/36629
• http://secunia.com/advisories/36632
• http://secunia.com/advisories/36698
• http://secunia.com/advisories/36713
• http://secunia.com/advisories/36904
• http://support.apple.com/kb/HT4077
• http://www.debian.org/security/2009/dsa-1881
• http:
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2009-0663 – perl-DBD-Pg: pg_getline buffer overflow
https://notcve.org/view.php?id=CVE-2009-0663
Heap-based buffer overflow in the DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module 1.49 for Perl might allow context-dependent attackers to execute arbitrary code via unspecified input to an application that uses the getline and pg_getline functions to read database rows.
References:
• http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
• http://secunia.com/advisories/34909
• http://secunia.com/advisories/35058
• http://secunia.com/advisories/35685
• http://security.debian.org/pool/updates/main/libd/libdbd-pg-perl/libdbd-pg-perl_1.49-2+etch1.diff.gz
• http://www.debian.org/security/2009/dsa-1780
• http://www.redhat.com/support/errata/RHSA-2009-0479.html
• http://www.redhat.com/support/errata/RHSA-2009-1067.html
• http://www.securityfocus.com/b
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-1999-0799
https://notcve.org/view.php?id=CVE-1999-0799
Buffer overflow in bootpd 2.4.3 and earlier via a long boot file location.
References:
• https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0799