CVE-2008-1054 – Surgemail 3.0 - Real CGI executables Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-1054
Stack-based buffer overflow in the _lib_spawn_user_getpid function in (1) swatch.exe and (2) surgemail.exe in NetWin SurgeMail 38k4 and earlier, and beta 39a, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via an HTTP request with multiple long headers to webmail.exe and unspecified other CGI executables, which triggers an overflow when assigning values to environment variables. NOTE: some of these details are obtained from third party information. Desbordamiento de búfer basado en pila en la función _lib_spawn_user_getpid de (1) swatch.exe y (2) surgemail.exe en NetWin SurgeMail 38k4 y versiones anteriores, y beta 39a, permite a atacantes remotos provocar una denegación de servicio (caída del demonio) y posiblemente ejecutar código de su elección a través de una petición HTTP con múltiples cabeceras largas de webmail.exe y otros ejecutables CGI no especificados, lo cual dispara un desbordamiento cuando asignan valores a variables de entorno. NOTA: parte de esta información ha sido obtenida a partir de la información de terceros. • https://www.exploit-db.com/exploits/31301 http://aluigi.altervista.org/adv/surgemailz-adv.txt http://secunia.com/advisories/29105 http://securityreason.com/securityalert/3705 http://www.securityfocus.com/archive/1/488741/100/0/threaded http://www.securityfocus.com/bid/27992 http://www.securitytracker.com/id?1019500 http://www.vupen.com/english/advisories/2008/0678 https://exchange.xforce.ibmcloud.com/vulnerabilities/40834 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2008-1055 – Surgemail and WebMail 3.0 - 'Page' Remote Format String
https://notcve.org/view.php?id=CVE-2008-1055
Format string vulnerability in webmail.exe in NetWin SurgeMail 38k4 and earlier and beta 39a, and WebMail 3.1s and earlier, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via format string specifiers in the page parameter. Vulnerabilidad de cadena de formato en webmail.exe de NetWin SurgeMail 38k4 y versiones anteriores y beta 39a, y WebMail 3.1s y versiones anteriores, permite a atacantes remotos provocar una denegación de servicio (caída del demonio) y posiblemente ejecutar código de su elección a través de cadenas de formato especificadas en el parámetro page. • https://www.exploit-db.com/exploits/31300 http://aluigi.altervista.org/adv/surgemailz-adv.txt http://secunia.com/advisories/29105 http://secunia.com/advisories/29137 http://securityreason.com/securityalert/3705 http://www.securityfocus.com/archive/1/488741/100/0/threaded http://www.securityfocus.com/bid/27990 http://www.securitytracker.com/id?1019500 http://www.vupen.com/english/advisories/2008/0678 https://exchange.xforce.ibmcloud.com/vulnerabilities/40833 • CWE-134: Use of Externally-Controlled Format String •
CVE-2007-2655
https://notcve.org/view.php?id=CVE-2007-2655
Unspecified vulnerability in NetWin Webmail 3.1s-1 in SurgeMail before 3.8i2 has unknown impact and remote attack vectors, possibly a format string vulnerability that allows remote code execution. Una vulnerabilidad no especificada en NetWin Webmail versión 3.1s-1 en SurgeMail versiones anteriores a 3.8i2, presenta un impacto desconocido y vectores de ataque remoto, posiblemente una vulnerabilidad de cadena de formato que permite la ejecución de código remota. • http://osvdb.org/35891 http://secunia.com/advisories/25207 http://www.netwinsite.com/surgemail/help/updates.htm http://www.securityfocus.com/bid/23908 http://www.vupen.com/english/advisories/2007/1755 https://exchange.xforce.ibmcloud.com/vulnerabilities/34217 • CWE-134: Use of Externally-Controlled Format String •
CVE-2005-1714
https://notcve.org/view.php?id=CVE-2005-1714
Cross-site scripting (XSS) vulnerability in NetWin SurgeMail 3.0c2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. • http://secunia.com/advisories/15425 http://www.vupen.com/english/advisories/2005/0576 •
CVE-2005-0845
https://notcve.org/view.php?id=CVE-2005-0845
Directory traversal vulnerability in the Webmail interface in SurgeMail 2.2g3 allows remote authenticated users to write arbitrary files or directories via a .. (dot dot) in the attach_id parameter. • http://marc.info/?l=bugtraq&m=111159967417903&w=2 http://netwinsite.com/cgi/dnewsweb.cgi?cmd=article&group=netwin.surgemail&item=8814&utag= http://secunia.com/advisories/14658 http://www.security.org.sg/vuln/surgemail22g3.html •