CVSS: 10.0EPSS: 8%CPEs: 50EXPL: 1CVE-2004-0234
https://notcve.org/view.php?id=CVE-2004-0234
05 May 2004 — Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive. Múltiples desbordamientos de búfer basados en la pila en la función get_header de header.c de LHA 1.14 utilizado en productos como Barracuda Spam Firewall, permite a atacantes remotos ... • http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.1EPSS: 7%CPEs: 50EXPL: 1CVE-2004-0235
https://notcve.org/view.php?id=CVE-2004-0235
05 May 2004 — Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path"). Múltiples vulnerabilidades de atravesamiento de directorios en LHA 1.14 permite a atacantes locales o usuarios locales crear ficheros arbitrarios mediante un archivo LHA conteniendo nombres de fichero con secuencias (1) ".." (punto punto) o (2) rutas abs... • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000840 •
CVSS: 7.5EPSS: 2%CPEs: 14EXPL: 2CVE-2003-1481 – CommuniGate Pro Webmail 4.0.6 - Session Hijacking
https://notcve.org/view.php?id=CVE-2003-1481
31 Dec 2003 — CommuniGate Pro 3.1 through 4.0.6 sends the session ID in the referer field for an HTTP request for an image, which allows remote attackers to hijack mail sessions via an e-mail with an IMG tag that references a malicious URL that captures the referer. • https://www.exploit-db.com/exploits/27 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2002-2375
https://notcve.org/view.php?id=CVE-2002-2375
31 Dec 2002 — Directory traversal vulnerability in CommuniGate Pro 4.0b4 and possibly earlier versions allows remote attackers to list the contents of the WebUser directory and its parent directory via a (1) .. (dot dot) or (2) . (dot) in a URL. NOTE: it is not clear whether this issue reveals any more information regarding directory structure than is already available to any CommuniGate Pro user, although there is a possibility that it could be used to infer product version information. • http://archives.neohapsis.com/archives/bugtraq/2002-07/0016.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.3EPSS: 4%CPEs: 1EXPL: 2CVE-2000-1002 – PragmaSys TelnetServer 2000 - rexec Buffer Overflow
https://notcve.org/view.php?id=CVE-2000-1002
11 Dec 2000 — POP3 daemon in Stalker CommuniGate Pro 3.3.2 generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to determine valid email addresses on the server for SPAM attacks. • https://www.exploit-db.com/exploits/20175 •
CVSS: 7.5EPSS: 7%CPEs: 1EXPL: 3CVE-2000-0634 – Stalker CommuniGate Pro 3.2.4 - Arbitrary File Read
https://notcve.org/view.php?id=CVE-2000-0634
03 Apr 2000 — The web administration interface for CommuniGate Pro 3.2.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack. • https://www.exploit-db.com/exploits/20091 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-1999-0865
https://notcve.org/view.php?id=CVE-1999-0865
03 Dec 1999 — Buffer overflow in CommuniGatePro via a long string to the HTTP configuration port. • http://marc.info/?l=bugtraq&m=94426440413027&w=2 •
CVSS: 7.5EPSS: 3%CPEs: 1EXPL: 1CVE-1999-1504 – Stalker Internet Mail Server 1.6 - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-1999-1504
08 Apr 1998 — Stalker Internet Mail Server 1.6 allows a remote attacker to cause a denial of service (crash) via a long HELO command. • https://www.exploit-db.com/exploits/19047 •