RSS   Vulnerabilities for 'Courier mta'   RSS

2006-05-30
 
CVE-2006-2659

CWE-Other
 

 
libs/comverp.c in Courier MTA before 0.53.2 allows attackers to cause a denial of service (CPU consumption) via unknown vectors involving usernames that contain the "=" (equals) character, which is not properly handled during encoding.

 
2004-04-15
 
CVE-2004-0224

 

 
Multiple buffer overflows in (1) iso2022jp.c or (2) shiftjis.c for Courier-IMAP before 3.0.0, Courier before 0.45, and SqWebMail before 4.0.0 may allow remote attackers to execute arbitrary code "when Unicode character is out of BMP range."

 
2003-02-19
 
CVE-2003-0040

 

 
SQL injection vulnerability in the PostgreSQL auth module for courier 0.40 and earlier allows remote attackers to execute SQL code via the user name.

 
2002-11-29
 
CVE-2002-1311

 

 
Courier sqwebmail before 0.40.0 does not quickly drop privileges after startup in certain cases, which could allow local users to read arbitrary files.

 
2002-10-04
 
CVE-2002-0914

 

 
Double Precision Courier e-mail MTA allows remote attackers to cause a denial of service (CPU consumption) via a message with an extremely large or negative value for the year, which causes a tight loop.

 

 >>> Vendor: Double precision incorporated 4 Products
Courier mta
Courier-imap
Sqwebmail
Courier mail server


Copyright 2024, cxsecurity.com

 

Back to Top