Search
Find a vulnerability
Search criteria
6 vulnerabilities found for axigen_mail_server by gecad_technologies
CVE-2008-0434 (GCVE-0-2008-0434)
Vulnerability from nvd – Published: 2008-01-23 21:00 – Updated: 2024-08-07 07:46
VLAI
EPSS
VEX
Summary
Format string vulnerability in the AXIMilter module in AXIGEN Mail Server 5.0.2 allows remote attackers to execute arbitrary code via format string specifiers in the CNHO command.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/3570 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/bid/27363 | vdb-entryx_refsource_BID |
| https://www.exploit-db.com/exploits/4947 | exploitx_refsource_EXPLOIT-DB |
| http://www.securityfocus.com/archive/1/486722/100… | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://lists.grok.org.uk/pipermail/full-disclosur… | mailing-listx_refsource_FULLDISC |
| http://secunia.com/advisories/28562 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2008/0237 | vdb-entryx_refsource_VUPEN |
Date Public
2008-01-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:46:54.914Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3570",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3570"
},
{
"name": "27363",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27363"
},
{
"name": "4947",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/4947"
},
{
"name": "20080120 AXIGEN 5.0.x AXIMilter Format String Exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/486722/100/0/threaded"
},
{
"name": "axigen-aximilter-format-string(39803)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39803"
},
{
"name": "20080120 AXIGEN 5.0.x AXIMilter Format String Exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059788.html"
},
{
"name": "28562",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28562"
},
{
"name": "ADV-2008-0237",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0237"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the AXIMilter module in AXIGEN Mail Server 5.0.2 allows remote attackers to execute arbitrary code via format string specifiers in the CNHO command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3570",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3570"
},
{
"name": "27363",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27363"
},
{
"name": "4947",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/4947"
},
{
"name": "20080120 AXIGEN 5.0.x AXIMilter Format String Exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/486722/100/0/threaded"
},
{
"name": "axigen-aximilter-format-string(39803)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39803"
},
{
"name": "20080120 AXIGEN 5.0.x AXIMilter Format String Exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059788.html"
},
{
"name": "28562",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28562"
},
{
"name": "ADV-2008-0237",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0237"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0434",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in the AXIMilter module in AXIGEN Mail Server 5.0.2 allows remote attackers to execute arbitrary code via format string specifiers in the CNHO command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3570",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3570"
},
{
"name": "27363",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27363"
},
{
"name": "4947",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4947"
},
{
"name": "20080120 AXIGEN 5.0.x AXIMilter Format String Exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/486722/100/0/threaded"
},
{
"name": "axigen-aximilter-format-string(39803)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39803"
},
{
"name": "20080120 AXIGEN 5.0.x AXIMilter Format String Exploit",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059788.html"
},
{
"name": "28562",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28562"
},
{
"name": "ADV-2008-0237",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0237"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0434",
"datePublished": "2008-01-23T21:00:00.000Z",
"dateReserved": "2008-01-23T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:46:54.914Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0886 (GCVE-0-2007-0886)
Vulnerability from nvd – Published: 2007-02-12 23:00 – Updated: 2024-08-07 12:34
VLAI
EPSS
VEX
Summary
Heap-based buffer underflow in axigen 1.2.6 through 2.0.0b1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via certain base64-encoded data on the pop3 port (110/tcp), which triggers an integer overflow.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://marc.info/?l=full-disclosure&m=11709470842… | mailing-listx_refsource_FULLDISC |
| http://osvdb.org/38133 | vdb-entryx_refsource_OSVDB |
| https://www.exploit-db.com/exploits/3289 | exploitx_refsource_EXPLOIT-DB |
| http://secunia.com/advisories/24073 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/22473 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2007-02-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:34:21.148Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070208 Axigen \u003c2.0.0b1 DoS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=117094708423302\u0026w=2"
},
{
"name": "38133",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38133"
},
{
"name": "3289",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/3289"
},
{
"name": "24073",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24073"
},
{
"name": "22473",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22473"
},
{
"name": "axigen-memcpy-dos(32342)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32342"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer underflow in axigen 1.2.6 through 2.0.0b1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via certain base64-encoded data on the pop3 port (110/tcp), which triggers an integer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070208 Axigen \u003c2.0.0b1 DoS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=117094708423302\u0026w=2"
},
{
"name": "38133",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38133"
},
{
"name": "3289",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/3289"
},
{
"name": "24073",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24073"
},
{
"name": "22473",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22473"
},
{
"name": "axigen-memcpy-dos(32342)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32342"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0886",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer underflow in axigen 1.2.6 through 2.0.0b1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via certain base64-encoded data on the pop3 port (110/tcp), which triggers an integer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070208 Axigen \u003c2.0.0b1 DoS",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=117094708423302\u0026w=2"
},
{
"name": "38133",
"refsource": "OSVDB",
"url": "http://osvdb.org/38133"
},
{
"name": "3289",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3289"
},
{
"name": "24073",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24073"
},
{
"name": "22473",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22473"
},
{
"name": "axigen-memcpy-dos(32342)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32342"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0886",
"datePublished": "2007-02-12T23:00:00.000Z",
"dateReserved": "2007-02-12T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:34:21.148Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0887 (GCVE-0-2007-0887)
Vulnerability from nvd – Published: 2007-02-12 23:00 – Updated: 2024-08-07 12:34
VLAI
EPSS
VEX
Summary
axigen 1.2.6 through 2.0.0b1 does not properly parse login credentials, which allows remote attackers to cause a denial of service (NULL dereference and application crash) via a base64-encoded "*\x00" sequence on the imap port (143/tcp).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://osvdb.org/33165 | vdb-entryx_refsource_OSVDB |
| https://www.exploit-db.com/exploits/3290 | exploitx_refsource_EXPLOIT-DB |
| http://marc.info/?l=full-disclosure&m=11709470842… | mailing-listx_refsource_FULLDISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/24073 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/22473 | vdb-entryx_refsource_BID |
Date Public
2007-02-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:34:21.152Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "33165",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33165"
},
{
"name": "3290",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/3290"
},
{
"name": "20070208 Axigen \u003c2.0.0b1 DoS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=117094708423302\u0026w=2"
},
{
"name": "axigen-nullpointer-dos(32345)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32345"
},
{
"name": "24073",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24073"
},
{
"name": "22473",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22473"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "axigen 1.2.6 through 2.0.0b1 does not properly parse login credentials, which allows remote attackers to cause a denial of service (NULL dereference and application crash) via a base64-encoded \"*\\x00\" sequence on the imap port (143/tcp)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "33165",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33165"
},
{
"name": "3290",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/3290"
},
{
"name": "20070208 Axigen \u003c2.0.0b1 DoS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=117094708423302\u0026w=2"
},
{
"name": "axigen-nullpointer-dos(32345)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32345"
},
{
"name": "24073",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24073"
},
{
"name": "22473",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22473"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0887",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "axigen 1.2.6 through 2.0.0b1 does not properly parse login credentials, which allows remote attackers to cause a denial of service (NULL dereference and application crash) via a base64-encoded \"*\\x00\" sequence on the imap port (143/tcp)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "33165",
"refsource": "OSVDB",
"url": "http://osvdb.org/33165"
},
{
"name": "3290",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3290"
},
{
"name": "20070208 Axigen \u003c2.0.0b1 DoS",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=117094708423302\u0026w=2"
},
{
"name": "axigen-nullpointer-dos(32345)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32345"
},
{
"name": "24073",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24073"
},
{
"name": "22473",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22473"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0887",
"datePublished": "2007-02-12T23:00:00.000Z",
"dateReserved": "2007-02-12T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:34:21.152Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0434 (GCVE-0-2008-0434)
Vulnerability from cvelistv5 – Published: 2008-01-23 21:00 – Updated: 2024-08-07 07:46
VLAI
EPSS
VEX
Summary
Format string vulnerability in the AXIMilter module in AXIGEN Mail Server 5.0.2 allows remote attackers to execute arbitrary code via format string specifiers in the CNHO command.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/3570 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/bid/27363 | vdb-entryx_refsource_BID |
| https://www.exploit-db.com/exploits/4947 | exploitx_refsource_EXPLOIT-DB |
| http://www.securityfocus.com/archive/1/486722/100… | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://lists.grok.org.uk/pipermail/full-disclosur… | mailing-listx_refsource_FULLDISC |
| http://secunia.com/advisories/28562 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2008/0237 | vdb-entryx_refsource_VUPEN |
Date Public
2008-01-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:46:54.914Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3570",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3570"
},
{
"name": "27363",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27363"
},
{
"name": "4947",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/4947"
},
{
"name": "20080120 AXIGEN 5.0.x AXIMilter Format String Exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/486722/100/0/threaded"
},
{
"name": "axigen-aximilter-format-string(39803)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39803"
},
{
"name": "20080120 AXIGEN 5.0.x AXIMilter Format String Exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059788.html"
},
{
"name": "28562",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28562"
},
{
"name": "ADV-2008-0237",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0237"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the AXIMilter module in AXIGEN Mail Server 5.0.2 allows remote attackers to execute arbitrary code via format string specifiers in the CNHO command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3570",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3570"
},
{
"name": "27363",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27363"
},
{
"name": "4947",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/4947"
},
{
"name": "20080120 AXIGEN 5.0.x AXIMilter Format String Exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/486722/100/0/threaded"
},
{
"name": "axigen-aximilter-format-string(39803)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39803"
},
{
"name": "20080120 AXIGEN 5.0.x AXIMilter Format String Exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059788.html"
},
{
"name": "28562",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28562"
},
{
"name": "ADV-2008-0237",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0237"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0434",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in the AXIMilter module in AXIGEN Mail Server 5.0.2 allows remote attackers to execute arbitrary code via format string specifiers in the CNHO command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3570",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3570"
},
{
"name": "27363",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27363"
},
{
"name": "4947",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4947"
},
{
"name": "20080120 AXIGEN 5.0.x AXIMilter Format String Exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/486722/100/0/threaded"
},
{
"name": "axigen-aximilter-format-string(39803)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39803"
},
{
"name": "20080120 AXIGEN 5.0.x AXIMilter Format String Exploit",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059788.html"
},
{
"name": "28562",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28562"
},
{
"name": "ADV-2008-0237",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0237"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0434",
"datePublished": "2008-01-23T21:00:00.000Z",
"dateReserved": "2008-01-23T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:46:54.914Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0886 (GCVE-0-2007-0886)
Vulnerability from cvelistv5 – Published: 2007-02-12 23:00 – Updated: 2024-08-07 12:34
VLAI
EPSS
VEX
Summary
Heap-based buffer underflow in axigen 1.2.6 through 2.0.0b1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via certain base64-encoded data on the pop3 port (110/tcp), which triggers an integer overflow.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://marc.info/?l=full-disclosure&m=11709470842… | mailing-listx_refsource_FULLDISC |
| http://osvdb.org/38133 | vdb-entryx_refsource_OSVDB |
| https://www.exploit-db.com/exploits/3289 | exploitx_refsource_EXPLOIT-DB |
| http://secunia.com/advisories/24073 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/22473 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2007-02-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:34:21.148Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070208 Axigen \u003c2.0.0b1 DoS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=117094708423302\u0026w=2"
},
{
"name": "38133",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38133"
},
{
"name": "3289",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/3289"
},
{
"name": "24073",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24073"
},
{
"name": "22473",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22473"
},
{
"name": "axigen-memcpy-dos(32342)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32342"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer underflow in axigen 1.2.6 through 2.0.0b1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via certain base64-encoded data on the pop3 port (110/tcp), which triggers an integer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070208 Axigen \u003c2.0.0b1 DoS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=117094708423302\u0026w=2"
},
{
"name": "38133",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38133"
},
{
"name": "3289",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/3289"
},
{
"name": "24073",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24073"
},
{
"name": "22473",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22473"
},
{
"name": "axigen-memcpy-dos(32342)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32342"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0886",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer underflow in axigen 1.2.6 through 2.0.0b1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via certain base64-encoded data on the pop3 port (110/tcp), which triggers an integer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070208 Axigen \u003c2.0.0b1 DoS",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=117094708423302\u0026w=2"
},
{
"name": "38133",
"refsource": "OSVDB",
"url": "http://osvdb.org/38133"
},
{
"name": "3289",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3289"
},
{
"name": "24073",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24073"
},
{
"name": "22473",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22473"
},
{
"name": "axigen-memcpy-dos(32342)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32342"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0886",
"datePublished": "2007-02-12T23:00:00.000Z",
"dateReserved": "2007-02-12T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:34:21.148Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0887 (GCVE-0-2007-0887)
Vulnerability from cvelistv5 – Published: 2007-02-12 23:00 – Updated: 2024-08-07 12:34
VLAI
EPSS
VEX
Summary
axigen 1.2.6 through 2.0.0b1 does not properly parse login credentials, which allows remote attackers to cause a denial of service (NULL dereference and application crash) via a base64-encoded "*\x00" sequence on the imap port (143/tcp).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://osvdb.org/33165 | vdb-entryx_refsource_OSVDB |
| https://www.exploit-db.com/exploits/3290 | exploitx_refsource_EXPLOIT-DB |
| http://marc.info/?l=full-disclosure&m=11709470842… | mailing-listx_refsource_FULLDISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/24073 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/22473 | vdb-entryx_refsource_BID |
Date Public
2007-02-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:34:21.152Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "33165",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33165"
},
{
"name": "3290",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/3290"
},
{
"name": "20070208 Axigen \u003c2.0.0b1 DoS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=117094708423302\u0026w=2"
},
{
"name": "axigen-nullpointer-dos(32345)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32345"
},
{
"name": "24073",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24073"
},
{
"name": "22473",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22473"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "axigen 1.2.6 through 2.0.0b1 does not properly parse login credentials, which allows remote attackers to cause a denial of service (NULL dereference and application crash) via a base64-encoded \"*\\x00\" sequence on the imap port (143/tcp)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "33165",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33165"
},
{
"name": "3290",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/3290"
},
{
"name": "20070208 Axigen \u003c2.0.0b1 DoS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=117094708423302\u0026w=2"
},
{
"name": "axigen-nullpointer-dos(32345)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32345"
},
{
"name": "24073",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24073"
},
{
"name": "22473",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22473"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0887",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "axigen 1.2.6 through 2.0.0b1 does not properly parse login credentials, which allows remote attackers to cause a denial of service (NULL dereference and application crash) via a base64-encoded \"*\\x00\" sequence on the imap port (143/tcp)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "33165",
"refsource": "OSVDB",
"url": "http://osvdb.org/33165"
},
{
"name": "3290",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3290"
},
{
"name": "20070208 Axigen \u003c2.0.0b1 DoS",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=117094708423302\u0026w=2"
},
{
"name": "axigen-nullpointer-dos(32345)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32345"
},
{
"name": "24073",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24073"
},
{
"name": "22473",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22473"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0887",
"datePublished": "2007-02-12T23:00:00.000Z",
"dateReserved": "2007-02-12T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:34:21.152Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}