CVE-2007-6101
published 2007-11-23CVE-2007-6101: Ability Mail Server before 2.61 allows remote authenticated users to cause a denial of service (daemon crash) via (1) malformed number list ranges in…
PriorityP411medium4CVSS 2.0
AVNACLAuSCNINAP
EPSS
1.35%
68.0th percentile
Ability Mail Server before 2.61 allows remote authenticated users to cause a denial of service (daemon crash) via (1) malformed number list ranges in unspecified IMAP commands, and possibly (2) a blank string in unspecified messages.
Affected
30 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| code-crafters | ability_mail_server | — | — |
| code-crafters | ability_mail_server | — | — |
| code-crafters | ability_mail_server | — | — |
| code-crafters | ability_mail_server | — | — |
| code-crafters | ability_mail_server | — | — |
| code-crafters | ability_mail_server | — | — |
| code-crafters | ability_mail_server | — | — |
| code-crafters | ability_mail_server | — | — |
| code-crafters | ability_mail_server | — | — |
| code-crafters | ability_mail_server | — | — |
| code-crafters | ability_mail_server | — | — |
| code-crafters | ability_mail_server | — | — |
| code-crafters | ability_mail_server | — | — |
| code-crafters | ability_mail_server | — | — |
| code-crafters | ability_mail_server | — | — |
| code-crafters | ability_mail_server | — | — |
| code-crafters | ability_mail_server | — | — |
| code-crafters | ability_mail_server | — | — |
| code-crafters | ability_mail_server | — | — |
| code-crafters | ability_mail_server | — | — |
| code-crafters | ability_mail_server | — | — |
| code-crafters | ability_mail_server | — | — |
| code-crafters | ability_mail_server | — | — |
| code-crafters | ability_mail_server | — | — |
| code-crafters | ability_mail_server | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2006-6101 Multiple XFree86 integer overflows (CVE-2006-6102, CVE-2006-6103)
bugzilla·2006-12-07·CVSS 6.6
CVE-2006-6101 [MEDIUM] CVE-2006-6101 Multiple XFree86 integer overflows (CVE-2006-6102, CVE-2006-6103)
CVE-2006-6101 Multiple XFree86 integer overflows (CVE-2006-6102, CVE-2006-6103)
iDefense reported several integer overflow flaws in the XFree86 server source.
These flaws may allow a local user to leverage these flaws to become root.
Discussion:
These flaws also affect RHEL2.1
---
Created attachment 143094
Upstream patch
---
Built as XFree86-4.3.0-114.EL for RHEL3.
RHEL 2.1 is waiting for beehive to wake up.
---
XFree86-4.1.0-78.EL for RHEL 2.1
---
correction, -115 for RHEL3.
---
These issues are public:
http://lists.freedesktop.org/archives/xorg-announce/2007-January/000235.html
---
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution a
Bugzilla
CVE-2006-6101 Multiple xorg-x11 integer overflows (CVE-2006-6102, CVE-2006-6103)
bugzilla·2006-12-07·CVSS 6.6
CVE-2006-6101 [MEDIUM] CVE-2006-6101 Multiple xorg-x11 integer overflows (CVE-2006-6102, CVE-2006-6103)
CVE-2006-6101 Multiple xorg-x11 integer overflows (CVE-2006-6102, CVE-2006-6103)
+++ This bug was initially created as a clone of Bug #218870 +++
iDefense reported several integer overflow flaws in the XFree86 server source.
These flaws may allow a local user to leverage these flaws to become root.
-- Additional comment from [email protected] on 2006-12-07 17:06 EST --
Created an attachment (id=143094)
Upstream patch
Discussion:
Built as xorg-x11-6.8.2-1.EL.13.37.4 for RHEL4.
---
correction, -1.EL.13.37.5 for RHEL5.
---
This issue is public:
http://lists.freedesktop.org/archives/xorg-announce/2007-January/000235.html
---
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For
http://osvdb.org/42399http://osvdb.org/42400http://secunia.com/advisories/27736http://www.code-crafters.com/abilitymailserver/updatelog.htmlhttp://www.securityfocus.com/bid/26514https://exchange.xforce.ibmcloud.com/vulnerabilities/38586https://exchange.xforce.ibmcloud.com/vulnerabilities/38587http://osvdb.org/42399http://osvdb.org/42400http://secunia.com/advisories/27736http://www.code-crafters.com/abilitymailserver/updatelog.htmlhttp://www.securityfocus.com/bid/26514https://exchange.xforce.ibmcloud.com/vulnerabilities/38586https://exchange.xforce.ibmcloud.com/vulnerabilities/38587
2007-11-23
Published