[Forgot Password]
Login  Register Subscribe

25354

 
 

132811

 
 

144497

 
 

909

 
 

116278

 
 

156

 
 
Paid content will be excluded from the download.

Filter
Matches : 1649 Download | Alert*

Several vulnerabilities were discovered in Drupal, a fully-featured content management framework, which could result in an open redirect or cross-site scripting.

Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request.

commands.c in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SMTP command without a space character, which causes an array to be referenced with a negative index.

Integer signedness error in the qmail_put and substdio_put functions in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large number of SMTP RCPT TO commands.

qmail-verify as used in netqmail 1.06 is prone to a mail-address verification bypass vulnerability.

qmail-verify as used in netqmail 1.06 is prone to an information disclosure vulnerability. A local attacker can test for the existence of files and directories anywhere in the filesystem because qmail-verify runs as root and tests for the existence of files in the attacker's home directory, without dropping its privileges first.

Georgi Guninski and the Qualys Research Labs discovered multiple vulnerabilities in qmail which could result in the execution of arbitrary code, bypass of mail address verification and a local information leak whether a file exists or not.

Two vulnerabiliites have been discovered in PDNS Recursor, a resolving name server; a traffic amplification attack against third party authoritative name servers and insufficient validation of NXDOMAIN responses lacking an SOA. The version of pdns-recursor in the oldstable distribution is no longer supported. If these security issues affect your setup, you should upgrade to the stable distributi ...

In Dovecot before 2.3.10.1, unauthenticated sending of malformed parameters to a NOOP command causes a NULL Pointer Dereference and crash in submission-login, submission, or lmtp.

In Dovecot before 2.3.10.1, a crafted SMTP/LMTP message triggers an unauthenticated use-after-free bug in submission-login, submission, or lmtp, and can lead to a crash under circumstances involving many newlines after a command.


Pages:      Start    8    9    10    11    12    13    14    15    16    17    18    19    20    21    ..   164

© SecPod Technologies