Vulnerabilites related to metamail_corporation - metamail
CVE-1999-1263 (GCVE-0-1999-1263)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-01 17:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Metamail before 2.7-7.2 allows remote attackers to overwrite arbitrary files via an e-mail message containing a uuencoded attachment that specifies the full pathname for the file to be modified, which is processed by uuencode in Metamail scripts such as sun-audio-file.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:11:01.485Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "metamail-file-creation(1677)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1677"
},
{
"name": "19971024 Vulnerability in metamail",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=87773365324657\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1997-10-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Metamail before 2.7-7.2 allows remote attackers to overwrite arbitrary files via an e-mail message containing a uuencoded attachment that specifies the full pathname for the file to be modified, which is processed by uuencode in Metamail scripts such as sun-audio-file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-03-01T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "metamail-file-creation(1677)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1677"
},
{
"name": "19971024 Vulnerability in metamail",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=87773365324657\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1263",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Metamail before 2.7-7.2 allows remote attackers to overwrite arbitrary files via an e-mail message containing a uuencoded attachment that specifies the full pathname for the file to be modified, which is processed by uuencode in Metamail scripts such as sun-audio-file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "metamail-file-creation(1677)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1677"
},
{
"name": "19971024 Vulnerability in metamail",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=87773365324657\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1263",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:11:01.485Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1808 (GCVE-0-2004-1808)
Vulnerability from cvelistv5
Published
2005-05-10 04:00
Modified
2024-08-08 01:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Extcompose in metamail does not verify the output file before writing to it, which allows local users to overwrite arbitrary files via a symlink attack.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:07:48.133Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040312 Metamail \u0027extcompose\u0027 script Symlink Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107910934926062\u0026w=2"
},
{
"name": "9850",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9850"
},
{
"name": "metamail-extcompose-symlink(15460)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15460"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-03-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Extcompose in metamail does not verify the output file before writing to it, which allows local users to overwrite arbitrary files via a symlink attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040312 Metamail \u0027extcompose\u0027 script Symlink Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107910934926062\u0026w=2"
},
{
"name": "9850",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9850"
},
{
"name": "metamail-extcompose-symlink(15460)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15460"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1808",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Extcompose in metamail does not verify the output file before writing to it, which allows local users to overwrite arbitrary files via a symlink attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040312 Metamail \u0027extcompose\u0027 script Symlink Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107910934926062\u0026w=2"
},
{
"name": "9850",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9850"
},
{
"name": "metamail-extcompose-symlink(15460)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15460"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1808",
"datePublished": "2005-05-10T04:00:00",
"dateReserved": "2005-05-04T00:00:00",
"dateUpdated": "2024-08-08T01:07:48.133Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0709 (GCVE-0-2006-0709)
Vulnerability from cvelistv5
Published
2006-02-15 11:00
Modified
2024-08-07 16:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in Metamail 2.7-50 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via e-mail messages with a long boundary attribute, a different vulnerability than CVE-2004-0105.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:41:29.231Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1015654",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015654"
},
{
"name": "18796",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18796"
},
{
"name": "SUSE-SR:2006:005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_05_sr.html"
},
{
"name": "19226",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19226"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=352482"
},
{
"name": "GLSA-200603-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200603-16.xml"
},
{
"name": "metamail-boundary-bo(24702)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24702"
},
{
"name": "MDKSA-2006:047",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:047"
},
{
"name": "18987",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18987"
},
{
"name": "19130",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19130"
},
{
"name": "DSA-995",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-995"
},
{
"name": "RHSA-2006:0217",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0217.html"
},
{
"name": "19000",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19000"
},
{
"name": "16611",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16611"
},
{
"name": "19304",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19304"
},
{
"name": "ADV-2006-0565",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0565"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Metamail 2.7-50 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via e-mail messages with a long boundary attribute, a different vulnerability than CVE-2004-0105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1015654",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015654"
},
{
"name": "18796",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18796"
},
{
"name": "SUSE-SR:2006:005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_05_sr.html"
},
{
"name": "19226",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19226"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=352482"
},
{
"name": "GLSA-200603-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200603-16.xml"
},
{
"name": "metamail-boundary-bo(24702)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24702"
},
{
"name": "MDKSA-2006:047",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:047"
},
{
"name": "18987",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18987"
},
{
"name": "19130",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19130"
},
{
"name": "DSA-995",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-995"
},
{
"name": "RHSA-2006:0217",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0217.html"
},
{
"name": "19000",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19000"
},
{
"name": "16611",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16611"
},
{
"name": "19304",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19304"
},
{
"name": "ADV-2006-0565",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0565"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0709",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Metamail 2.7-50 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via e-mail messages with a long boundary attribute, a different vulnerability than CVE-2004-0105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1015654",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015654"
},
{
"name": "18796",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18796"
},
{
"name": "SUSE-SR:2006:005",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_05_sr.html"
},
{
"name": "19226",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19226"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=352482",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=352482"
},
{
"name": "GLSA-200603-16",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200603-16.xml"
},
{
"name": "metamail-boundary-bo(24702)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24702"
},
{
"name": "MDKSA-2006:047",
"refsource": "MANDRIVA",
"url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:047"
},
{
"name": "18987",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18987"
},
{
"name": "19130",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19130"
},
{
"name": "DSA-995",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-995"
},
{
"name": "RHSA-2006:0217",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0217.html"
},
{
"name": "19000",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19000"
},
{
"name": "16611",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16611"
},
{
"name": "19304",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19304"
},
{
"name": "ADV-2006-0565",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0565"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0709",
"datePublished": "2006-02-15T11:00:00",
"dateReserved": "2006-02-15T00:00:00",
"dateUpdated": "2024-08-07T16:41:29.231Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0105 (GCVE-0-2004-0105)
Vulnerability from cvelistv5
Published
2004-02-19 05:00
Modified
2024-08-08 00:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:10:03.902Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-449",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-449"
},
{
"name": "SSA:2004-049",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404734"
},
{
"name": "metamail-splitmail-subject-bo(15258)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15258"
},
{
"name": "O-083",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/o-083.shtml"
},
{
"name": "9692",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9692"
},
{
"name": "VU#513062",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/513062"
},
{
"name": "10908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10908"
},
{
"name": "metamail-printheader-nonascii-bo(15247)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15247"
},
{
"name": "MDKSA-2004:014",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:014"
},
{
"name": "RHSA-2004:073",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-073.html"
},
{
"name": "20040218 metamail format string bugs and buffer overflows",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html"
},
{
"name": "20040218 metamail format string bugs and buffer overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107713476911429\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-02-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-449",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-449"
},
{
"name": "SSA:2004-049",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404734"
},
{
"name": "metamail-splitmail-subject-bo(15258)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15258"
},
{
"name": "O-083",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/o-083.shtml"
},
{
"name": "9692",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9692"
},
{
"name": "VU#513062",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/513062"
},
{
"name": "10908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10908"
},
{
"name": "metamail-printheader-nonascii-bo(15247)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15247"
},
{
"name": "MDKSA-2004:014",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:014"
},
{
"name": "RHSA-2004:073",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-073.html"
},
{
"name": "20040218 metamail format string bugs and buffer overflows",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html"
},
{
"name": "20040218 metamail format string bugs and buffer overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107713476911429\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0105",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-449",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-449"
},
{
"name": "SSA:2004-049",
"refsource": "SLACKWARE",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404734"
},
{
"name": "metamail-splitmail-subject-bo(15258)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15258"
},
{
"name": "O-083",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/o-083.shtml"
},
{
"name": "9692",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9692"
},
{
"name": "VU#513062",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/513062"
},
{
"name": "10908",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10908"
},
{
"name": "metamail-printheader-nonascii-bo(15247)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15247"
},
{
"name": "MDKSA-2004:014",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:014"
},
{
"name": "RHSA-2004:073",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-073.html"
},
{
"name": "20040218 metamail format string bugs and buffer overflows",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html"
},
{
"name": "20040218 metamail format string bugs and buffer overflows",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107713476911429\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0105",
"datePublished": "2004-02-19T05:00:00",
"dateReserved": "2004-02-02T00:00:00",
"dateUpdated": "2024-08-08T00:10:03.902Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1261 (GCVE-0-1999-1261)
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in Rainbow Six Multiplayer allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long nickname (nick) command.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:11:01.480Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19990211 Rainbow Six Buffer Overflow.....",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/12433"
},
{
"name": "rainbowsix-nick-bo(1772)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1772"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-02-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Rainbow Six Multiplayer allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long nickname (nick) command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19990211 Rainbow Six Buffer Overflow.....",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/12433"
},
{
"name": "rainbowsix-nick-bo(1772)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1772"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1261",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Rainbow Six Multiplayer allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long nickname (nick) command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19990211 Rainbow Six Buffer Overflow.....",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/12433"
},
{
"name": "rainbowsix-nick-bo(1772)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1772"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1261",
"datePublished": "2001-09-12T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:11:01.480Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0104 (GCVE-0-2004-0104)
Vulnerability from cvelistv5
Published
2004-02-19 05:00
Modified
2024-08-08 00:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:10:03.709Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "metamail-printheader-format-string(15259)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15259"
},
{
"name": "DSA-449",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-449"
},
{
"name": "SSA:2004-049",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404734"
},
{
"name": "O-083",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/o-083.shtml"
},
{
"name": "9692",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9692"
},
{
"name": "10908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10908"
},
{
"name": "MDKSA-2004:014",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:014"
},
{
"name": "metamail-contenttype-format-string(15245)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15245"
},
{
"name": "RHSA-2004:073",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-073.html"
},
{
"name": "20040218 metamail format string bugs and buffer overflows",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html"
},
{
"name": "VU#518518",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/518518"
},
{
"name": "20040218 metamail format string bugs and buffer overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107713476911429\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-02-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "metamail-printheader-format-string(15259)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15259"
},
{
"name": "DSA-449",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-449"
},
{
"name": "SSA:2004-049",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404734"
},
{
"name": "O-083",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/o-083.shtml"
},
{
"name": "9692",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9692"
},
{
"name": "10908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10908"
},
{
"name": "MDKSA-2004:014",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:014"
},
{
"name": "metamail-contenttype-format-string(15245)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15245"
},
{
"name": "RHSA-2004:073",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-073.html"
},
{
"name": "20040218 metamail format string bugs and buffer overflows",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html"
},
{
"name": "VU#518518",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/518518"
},
{
"name": "20040218 metamail format string bugs and buffer overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107713476911429\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0104",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "metamail-printheader-format-string(15259)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15259"
},
{
"name": "DSA-449",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-449"
},
{
"name": "SSA:2004-049",
"refsource": "SLACKWARE",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404734"
},
{
"name": "O-083",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/o-083.shtml"
},
{
"name": "9692",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9692"
},
{
"name": "10908",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10908"
},
{
"name": "MDKSA-2004:014",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:014"
},
{
"name": "metamail-contenttype-format-string(15245)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15245"
},
{
"name": "RHSA-2004:073",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-073.html"
},
{
"name": "20040218 metamail format string bugs and buffer overflows",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html"
},
{
"name": "VU#518518",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/518518"
},
{
"name": "20040218 metamail format string bugs and buffer overflows",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107713476911429\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0104",
"datePublished": "2004-02-19T05:00:00",
"dateReserved": "2004-02-02T00:00:00",
"dateUpdated": "2024-08-08T00:10:03.709Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1266 (GCVE-0-1999-1266)
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
rsh daemon (rshd) generates different error messages when a valid username is provided versus an invalid name, which allows remote attackers to determine valid users on the system.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:11:01.470Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19970613 rshd gives away usernames",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/6978"
},
{
"name": "rsh-username-leaks(1660)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1660"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1997-06-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "rsh daemon (rshd) generates different error messages when a valid username is provided versus an invalid name, which allows remote attackers to determine valid users on the system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19970613 rshd gives away usernames",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/6978"
},
{
"name": "rsh-username-leaks(1660)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1660"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1266",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "rsh daemon (rshd) generates different error messages when a valid username is provided versus an invalid name, which allows remote attackers to determine valid users on the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19970613 rshd gives away usernames",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/6978"
},
{
"name": "rsh-username-leaks(1660)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1660"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1266",
"datePublished": "2001-09-12T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:11:01.470Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2003-08-15 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Metamail before 2.7-7.2 allows remote attackers to overwrite arbitrary files via an e-mail message containing a uuencoded attachment that specifies the full pathname for the file to be modified, which is processed by uuencode in Metamail scripts such as sun-audio-file.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://marc.info/?l=bugtraq&m=87773365324657&w=2 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/1677 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=87773365324657&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/1677 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| metamail_corporation | metamail | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:metamail_corporation:metamail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62602141-B1CA-484C-97CC-4E85F34EC8C1",
"versionEndIncluding": "2.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Metamail before 2.7-7.2 allows remote attackers to overwrite arbitrary files via an e-mail message containing a uuencoded attachment that specifies the full pathname for the file to be modified, which is processed by uuencode in Metamail scripts such as sun-audio-file."
}
],
"id": "CVE-1999-1263",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2003-08-15T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=87773365324657\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1677"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=87773365324657\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1677"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-03-03 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=107713476911429&w=2 | ||
| cve@mitre.org | http://secunia.com/advisories/10908 | ||
| cve@mitre.org | http://www.ciac.org/ciac/bulletins/o-083.shtml | ||
| cve@mitre.org | http://www.debian.org/security/2004/dsa-449 | ||
| cve@mitre.org | http://www.kb.cert.org/vuls/id/518518 | US Government Resource | |
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2004:014 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2004-073.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/9692 | Exploit, Patch, Vendor Advisory | |
| cve@mitre.org | http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.404734 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/15245 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/15259 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=107713476911429&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/10908 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ciac.org/ciac/bulletins/o-083.shtml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2004/dsa-449 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/518518 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2004:014 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2004-073.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/9692 | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.404734 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/15245 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/15259 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| metamail_corporation | metamail | * | |
| sgi | propack | 2.3 | |
| sgi | propack | 2.4 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | linux_advanced_workstation | 2.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:metamail_corporation:metamail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62602141-B1CA-484C-97CC-4E85F34EC8C1",
"versionEndIncluding": "2.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de cadena de formato en Metamail 2.7 y anteriores permiten a atacantes remotos ejecutar c\u00f3digo arbitrario."
}
],
"id": "CVE-2004-0104",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-03-03T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=107713476911429\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/10908"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/o-083.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-449"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/518518"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:014"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-073.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9692"
},
{
"source": "cve@mitre.org",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404734"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15245"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15259"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=107713476911429\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/10908"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/o-083.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-449"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/518518"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:014"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-073.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9692"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404734"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15245"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15259"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-10-24 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in Rainbow Six Multiplayer allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long nickname (nick) command.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/12433 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/1772 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/12433 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/1772 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| metamail_corporation | metamail | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:metamail_corporation:metamail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB6F8DFB-5EA4-4572-9BCF-5D0ECD56DB6C",
"versionEndIncluding": "7.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Rainbow Six Multiplayer allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long nickname (nick) command."
}
],
"id": "CVE-1999-1261",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1997-10-24T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/12433"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1772"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/12433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1772"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-03-03 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=107713476911429&w=2 | ||
| cve@mitre.org | http://secunia.com/advisories/10908 | ||
| cve@mitre.org | http://www.ciac.org/ciac/bulletins/o-083.shtml | ||
| cve@mitre.org | http://www.debian.org/security/2004/dsa-449 | ||
| cve@mitre.org | http://www.kb.cert.org/vuls/id/513062 | US Government Resource | |
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2004:014 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2004-073.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/9692 | ||
| cve@mitre.org | http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.404734 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/15247 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/15258 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=107713476911429&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/10908 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ciac.org/ciac/bulletins/o-083.shtml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2004/dsa-449 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/513062 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2004:014 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2004-073.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/9692 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.404734 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/15247 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/15258 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| metamail_corporation | metamail | * | |
| sgi | propack | 2.3 | |
| sgi | propack | 2.4 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | linux_advanced_workstation | 2.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:metamail_corporation:metamail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62602141-B1CA-484C-97CC-4E85F34EC8C1",
"versionEndIncluding": "2.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafe en Metamail 2.7 y anteriores permiten a atacantes remtos ejecutar c\u00f3digo arbitrario."
}
],
"id": "CVE-2004-0105",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-03-03T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=107713476911429\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/10908"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/o-083.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-449"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/513062"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:014"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-073.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/9692"
},
{
"source": "cve@mitre.org",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404734"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15247"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15258"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=107713476911429\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/10908"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/o-083.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-449"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/513062"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:014"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-073.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/9692"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404734"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15247"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15258"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Extcompose in metamail does not verify the output file before writing to it, which allows local users to overwrite arbitrary files via a symlink attack.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://marc.info/?l=bugtraq&m=107910934926062&w=2 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/9850 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/15460 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=107910934926062&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/9850 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/15460 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| metamail_corporation | metamail | 2.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:metamail_corporation:metamail:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9FB66F00-DC88-4FB0-83D9-B643EC09B37E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Extcompose in metamail does not verify the output file before writing to it, which allows local users to overwrite arbitrary files via a symlink attack."
}
],
"id": "CVE-2004-1808",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=107910934926062\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/9850"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15460"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=107910934926062\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/9850"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15460"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "The Red Hat Security Response Team rated this issue as having low security impact. This issue affected Red Hat Enterprise Linux 2.1 but due to the low severity will not be fixed. metamail was not shipped in Red Hat Enterprise Linux 3, 4, or 5.",
"lastModified": "2009-06-01T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-02-15 11:06
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in Metamail 2.7-50 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via e-mail messages with a long boundary attribute, a different vulnerability than CVE-2004-0105.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=352482 | ||
| cve@mitre.org | http://secunia.com/advisories/18796 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/18987 | Patch, Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/19000 | Patch, Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/19130 | ||
| cve@mitre.org | http://secunia.com/advisories/19226 | ||
| cve@mitre.org | http://secunia.com/advisories/19304 | ||
| cve@mitre.org | http://securitytracker.com/id?1015654 | ||
| cve@mitre.org | http://www.debian.org/security/2006/dsa-995 | ||
| cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200603-16.xml | ||
| cve@mitre.org | http://www.novell.com/linux/security/advisories/2006_05_sr.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2006-0217.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/16611 | Exploit, Patch | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2006/0565 | ||
| cve@mitre.org | http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:047 | Patch, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/24702 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=352482 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18796 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18987 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19000 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19130 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19226 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19304 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1015654 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-995 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200603-16.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2006_05_sr.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2006-0217.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/16611 | Exploit, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/0565 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:047 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/24702 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| metamail_corporation | metamail | 2.7.50 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:metamail_corporation:metamail:2.7.50:*:*:*:*:*:*:*",
"matchCriteriaId": "E6703A77-3E4D-47D7-A21B-AA658C19F87E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Metamail 2.7-50 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via e-mail messages with a long boundary attribute, a different vulnerability than CVE-2004-0105."
}
],
"id": "CVE-2006-0709",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-02-15T11:06:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=352482"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18796"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18987"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19000"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/19130"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/19226"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/19304"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015654"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-995"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200603-16.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2006_05_sr.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0217.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/16611"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/0565"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:047"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24702"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=352482"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18796"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18987"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19000"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/19130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/19226"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/19304"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015654"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-995"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200603-16.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2006_05_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0217.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/16611"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/0565"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24702"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-06-13 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
rsh daemon (rshd) generates different error messages when a valid username is provided versus an invalid name, which allows remote attackers to determine valid users on the system.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/6978 | Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/1660 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/6978 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/1660 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| metamail_corporation | metamail | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:metamail_corporation:metamail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB6F8DFB-5EA4-4572-9BCF-5D0ECD56DB6C",
"versionEndIncluding": "7.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "rsh daemon (rshd) generates different error messages when a valid username is provided versus an invalid name, which allows remote attackers to determine valid users on the system."
}
],
"id": "CVE-1999-1266",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1997-06-13T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/6978"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1660"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/6978"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1660"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}