Show filters
19 Total Results
Displaying 11-19 of 19
Sort by:
Attacker Value
Unknown

CVE-2004-0235

Disclosure Date: August 18, 2004 (last updated February 22, 2025)
Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path").
0
0
Attacker Value
Unknown

CVE-2004-0234

Disclosure Date: August 18, 2004 (last updated February 22, 2025)
Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive.
0
0
Attacker Value
Unknown

CVE-2003-1481

Disclosure Date: December 31, 2003 (last updated February 22, 2025)
CommuniGate Pro 3.1 through 4.0.6 sends the session ID in the referer field for an HTTP request for an image, which allows remote attackers to hijack mail sessions via an e-mail with an IMG tag that references a malicious URL that captures the referer.
0
0
Attacker Value
Unknown

CVE-2002-2375

Disclosure Date: December 31, 2002 (last updated February 22, 2025)
Directory traversal vulnerability in CommuniGate Pro 4.0b4 and possibly earlier versions allows remote attackers to list the contents of the WebUser directory and its parent directory via a (1) .. (dot dot) or (2) . (dot) in a URL. NOTE: it is not clear whether this issue reveals any more information regarding directory structure than is already available to any CommuniGate Pro user, although there is a possibility that it could be used to infer product version information.
0
0
Attacker Value
Unknown

CVE-2000-1002

Disclosure Date: December 11, 2000 (last updated February 22, 2025)
POP3 daemon in Stalker CommuniGate Pro 3.3.2 generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to determine valid email addresses on the server for SPAM attacks.
0
0
Attacker Value
Unknown

CVE-2000-0726

Disclosure Date: October 20, 2000 (last updated February 22, 2025)
CGIMail.exe CGI program in Stalkerlab Mailers 1.1.2 allows remote attackers to read arbitrary files by specifying the file in the $Attach$ hidden form variable.
0
0
Attacker Value
Unknown

CVE-2000-0634

Disclosure Date: April 03, 2000 (last updated February 22, 2025)
The web administration interface for CommuniGate Pro 3.2.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack.
0
0
Attacker Value
Unknown

CVE-1999-0865

Disclosure Date: December 03, 1999 (last updated February 22, 2025)
Buffer overflow in CommuniGatePro via a long string to the HTTP configuration port.
0
0
Attacker Value
Unknown

CVE-1999-1504

Disclosure Date: April 08, 1998 (last updated February 22, 2025)
Stalker Internet Mail Server 1.6 allows a remote attacker to cause a denial of service (crash) via a long HELO command.
0
0
View More Topics  < Previous