cbcvebase.

Rockliffe Mailsite vulnerabilities

8 known vulnerabilities affecting rockliffe/mailsite.

Total CVEs
8
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH2MEDIUM4

Vulnerabilities

Page 1 of 1
CVE-2000-0398P3CRITICALCVSS 10.0v4.2.102000-05-24
CVE-2000-0398 [CRITICAL] CVE-2000-0398: Buffer overflow in wconsole.dll in Rockliffe MailSite Management Agent allows remote attackers to ex Buffer overflow in wconsole.dll in Rockliffe MailSite Management Agent allows remote attackers to execute arbitrary commands via a long query_string parameter in the HTTP GET request.
nvd
CVE-2006-0128P3CRITICALCVSS 10.0≤ 6.1.22.02006-01-09
CVE-2006-0128 [CRITICAL] CVE-2006-0128: Buffer overflow in the IMAP service of Rockliffe MailSite before 6.1.22.1 allows remote attackers to Buffer overflow in the IMAP service of Rockliffe MailSite before 6.1.22.1 allows remote attackers to have an unknown impact via unknown attack vectors.
nvd
CVE-2006-0341P4MEDIUMCVSS 4.3PoC≤ 6.1.22≤ 7.0.3.12006-01-06
CVE-2006-0341 [MEDIUM] CVE-2006-0341: Cross-site scripting (XSS) vulnerability in WCONSOLE.DLL in Rockliffe MailSite 5.x and 6.1.22 and ea Cross-site scripting (XSS) vulnerability in WCONSOLE.DLL in Rockliffe MailSite 5.x and 6.1.22 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string.
nvd
CVE-2006-0130P4HIGHCVSS 7.5≤ 7.0.3.12006-01-09
CVE-2006-0130 [HIGH] CVE-2006-0130: Mail Management Agent (MAILMA) (aka Mail Management Server) in Rockliffe MailSite 7.0.3.1 and earlie Mail Management Agent (MAILMA) (aka Mail Management Server) in Rockliffe MailSite 7.0.3.1 and earlier allows remote attackers to attempt authentication with an unlimited number of user account names and passwords without denying connections, limiting the rate of connections, or locking out an account.
nvd
CVE-2006-0342P4HIGHCVSS 7.8v7.0.3.12006-01-21
CVE-2006-0342 [HIGH] CWE-399 CVE-2006-0342: RockLiffe MailSite HTTP Mail management agent (httpma) 7.0.3.1 allows remote attackers to cause a de RockLiffe MailSite HTTP Mail management agent (httpma) 7.0.3.1 allows remote attackers to cause a denial of service (CPU consumption and crash) via a malformed query string containing special characters such as "|".
nvd
CVE-2006-0129P4MEDIUMCVSS 5.0≤ 7.0.3.12006-01-09
CVE-2006-0129 [MEDIUM] CVE-2006-0129: Mail Management Agent (MAILMA) (aka Mail Management Server) in Rockliffe MailSite 7.0.3.1 and earlie Mail Management Agent (MAILMA) (aka Mail Management Server) in Rockliffe MailSite 7.0.3.1 and earlier generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames via user requests to TCP port 106.
nvd
CVE-2006-0790P4MEDIUMCVSS 5.0v4.2.10v5+3 more2006-02-19
CVE-2006-0790 [MEDIUM] CVE-2006-0790: Rockliffe MailSite 7.0 and earlier allows remote attackers to cause a denial of service by sending c Rockliffe MailSite 7.0 and earlier allows remote attackers to cause a denial of service by sending crafted LDAP packets to port 389/TCP, as demonstrated by the ProtoVer LDAP testsuite.
nvd
CVE-2006-0127P4MEDIUMCVSS 4.0≤ 6.1.22.02006-01-09
CVE-2006-0127 [MEDIUM] CVE-2006-0127: Directory traversal vulnerability in the IMAP service of Rockliffe MailSite before 6.1.22.1 allows r Directory traversal vulnerability in the IMAP service of Rockliffe MailSite before 6.1.22.1 allows remote authenticated users to rename the folders of other users via a .. (dot dot) in the RENAME command.
nvd
Rockliffe Mailsite vulnerabilities | cvebase