3 results (0.003 seconds)

CVSS: 9.3EPSS: 8%CPEs: 1EXPL: 3

Format string vulnerability in the AXIMilter module in AXIGEN Mail Server 5.0.2 allows remote attackers to execute arbitrary code via format string specifiers in the CNHO command. Vulnerabilidad de cadena de formato en el módulo AXIMilter de AXIGEN Mail Server 5.0.2 permite a atacantes remotos ejecutar código de su elección mediante especificadores de cadena de formato en el comando CNHO. • https://www.exploit-db.com/exploits/4947 http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059788.html http://secunia.com/advisories/28562 http://securityreason.com/securityalert/3570 http://www.securityfocus.com/archive/1/486722/100/0/threaded http://www.securityfocus.com/bid/27363 http://www.vupen.com/english/advisories/2008/0237 https://exchange.xforce.ibmcloud.com/vulnerabilities/39803 • CWE-189: Numeric Errors •

CVSS: 10.0EPSS: 15%CPEs: 2EXPL: 1

Heap-based buffer underflow in axigen 1.2.6 through 2.0.0b1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via certain base64-encoded data on the pop3 port (110/tcp), which triggers an integer overflow. Desbordamiento de búfer basado en montón en axigen 1.2.6 hasta 2.0.0b1 permite a atacantes remotos provocar una denegación de servicio (cierre de aplicación) y posiblemente ejecutar código de su elección mediante determinados datos codificados en base64 en el puerto pop3 (110/tcp), lo cual dispara un desbordamiento de entero. • https://www.exploit-db.com/exploits/3289 http://marc.info/?l=full-disclosure&m=117094708423302&w=2 http://osvdb.org/38133 http://secunia.com/advisories/24073 http://www.securityfocus.com/bid/22473 https://exchange.xforce.ibmcloud.com/vulnerabilities/32342 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 4%CPEs: 2EXPL: 1

axigen 1.2.6 through 2.0.0b1 does not properly parse login credentials, which allows remote attackers to cause a denial of service (NULL dereference and application crash) via a base64-encoded "*\x00" sequence on the imap port (143/tcp). axigen 1.2.6 hasta 2.0.0b1 no analiza adecuadamente las credenciales de acceso, lo cual permite a atacantes remotos provocar una denegación de servicio (referencia a NULL y cierre de aplicación) mediante una secuencia en base-64 "*\x00" en el puerto imap (143/tcp). • https://www.exploit-db.com/exploits/3290 http://marc.info/?l=full-disclosure&m=117094708423302&w=2 http://osvdb.org/33165 http://secunia.com/advisories/24073 http://www.securityfocus.com/bid/22473 https://exchange.xforce.ibmcloud.com/vulnerabilities/32345 • CWE-476: NULL Pointer Dereference •