RSS   Vulnerabilities for 'Courier mail server'   RSS

2005-12-10
 
CVE-2005-3532

CWE-Other
 

 
authpam.c in courier-authdaemon for Courier Mail Server 0.37.3 through 0.52.1, when using pam_tally, does not call the pam_acct_mgmt function to verify that access should be granted, which allows attackers to authenticate to the server using accounts that have been disabled.

 
2005-07-06
 
CVE-2005-2151

 

 
spf.c in Courier Mail Server does not properly handle DNS failures when looking up Sender Policy Framework (SPF) records, which could allow attackers to cause memory corruption.

 

 >>> Vendor: Double precision incorporated 4 Products
Courier mta
Courier-imap
Sqwebmail
Courier mail server


Copyright 2024, cxsecurity.com

 

Back to Top