CVE-2005-0276
published 2005-05-02CVE-2005-0276: Multiple format string vulnerabilities in the FTP service in 3Com 3CDaemon 2.0 revision 10 allow remote attackers to cause a denial of service (application…
PriorityP416medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
1.57%
72.4th percentile
Multiple format string vulnerabilities in the FTP service in 3Com 3CDaemon 2.0 revision 10 allow remote attackers to cause a denial of service (application crash) via format string specifiers in (1) the username, (2) cd, (3) delete, (4) rename, (5) rmdir, (6) literal, (7) stat, or (8) CWD commands.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| 3com | 3cdaemon | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2005-2933 imap buffer overflow
bugzilla·2005-11-29·CVSS 7.5
CVE-2005-2933 [HIGH] CVE-2005-2933 imap buffer overflow
CVE-2005-2933 imap buffer overflow
+++ This bug was initially created as a clone of Bug #169953 +++
iDEFENSE has reported a buffer overflow in the wu-imap server:
http://www.idefense.com/application/poi/display?id=313&type=vulnerabilities
An authenticated user can request a mailbox with a specially crafted name which
will overflow a buffer.
This issue also affects RHEL2.1
Discussion:
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
http://rhn.redhat.com/errata/RHSA-2006-0276.html
Bugzilla
CVE-2005-3883 PHP mb_send_mail() header parsing issue
bugzilla·2005-11-29·CVSS 5.0
CVE-2005-3883 [MEDIUM] CVE-2005-3883 PHP mb_send_mail() header parsing issue
CVE-2005-3883 PHP mb_send_mail() header parsing issue
PHP mb_send_mail() header parsing issue
http://bugs.php.net/bug.php?id=35307
The mb_send_mail() function does not properly verify the "To" header
when sending mail. This could allow an attacker to inject arbitrary
headers into an outgoing mail message which could be used to relay
spam.
This issue also affects RHEL3
This issue also affects RHEL2.1
Discussion:
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
http://rhn.redhat.com/errata/RHSA-2006-0276.h
2005-05-02
Published