The 'Professional' and 'Enterprise' editions of MailEnable are prone to a remote heap buffer overflow. The overflow allows the attacker to control the EAX and ECX registers, allowing arbitrary code execution as SYSTEM. If logging is enabled, the request could contain: GET /{4032 x A} HTTP/1.1 or, without logging: GET /{8501 x A} HTTP/1.1.
The vulnerability allows an attacker to hide the true contents of a URI link by using a properly formatted HREF tag containing an image. This can trick a user into following a malicious link that appears to be from a trusted site.
This source code is an example of a memory leakage vulnerability in proftpd-1.2.0(rc2) server. It can cause a denial of service by sending a large number of size commands.
The NukeJokes module is affected by multiple input validation vulnerabilities. These include multiple SQL injection issues and multiple cross-site scripting vulnerabilities. The vulnerabilities arise due to a failure to properly sanitize user-supplied input, allowing remote attackers to manipulate query logic and potentially gain unauthorized access to sensitive information or execute malicious scripts in the context of the victim user's browser.
A vulnerability in the MyWeb HTTP server allows for insufficient bounds checking when handling GET requests. This can be exploited by an attacker to corrupt sensitive data and potentially execute arbitrary code, leading to denial of service.
A remote attacker can exploit this vulnerability by sending a malicious HTML email with an excessively long hyperlink to a file resource. This can lead to the execution of arbitrary code in the context of the client user.
A remote buffer overflow vulnerability has been reported to affect the DeleGate SSLway filter. This filter is employed when DeleGate is applying SSL to arbitrary protocols. The issue presents itself due to a lack of sufficient boundary checks performed, when copying user-supplied certificate field contents. A remote attacker may potentially exploit this issue, to overwrite the return address of the static ssl_prcert() function. The attacker may corrupt any other saved value that is within 768 bytes from the end of the affected buffers. It has been reported that the X509_NAME_oneline() function will perform character conversion on characters below '0x20' or above '0x7e'; this may hinder exploitation of this issue.
The SurgeLDAP web administration application is prone to an authentication bypass vulnerability, possibly allowing remote attackers manager access. Once administration access is granted, it may be possible for an attacker to modify records in the LDAP database, destroy data, crash the server, or possibly further attacks on other services utilizing SurgeLDAP for its authentication data.
Exim has a remotely exploitable stack-based buffer overrun vulnerability. This vulnerability can be triggered by a malicious email if sender verification is enabled in the agent. It allows for the execution of arbitrary code in the content of the mail transfer agent. The vulnerable functionality is not enabled by default, but may be enabled in some Linux/Unix distributions that ship the software.
PHPX is affected by multiple administrator command execution vulnerabilities. These issues allow a remote attacker to create a malicious URI link or embed a malicious URI between bbCode image tags, leading to the execution of attacker-supplied commands with administrator privileges.