All the vulnerabilites related to netscape - messaging_server
cve-2000-0961
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:37
Severity ?
EPSS score ?
Summary
Buffer overflow in IMAP server in Netscape Messaging Server 4.15 Patch 2 allows local users to execute arbitrary commands via a long LIST command.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/1721 | vdb-entry, x_refsource_BID | |
| http://archives.neohapsis.com/archives/bugtraq/2000-09/0334.html | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/5292 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:37:31.846Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1721",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1721"
},
{
"name": "20000928 commercial products and security [ + new bug ]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0334.html"
},
{
"name": "netscape-messaging-list-dos(5292)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5292"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-10-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in IMAP server in Netscape Messaging Server 4.15 Patch 2 allows local users to execute arbitrary commands via a long LIST command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1721",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1721"
},
{
"name": "20000928 commercial products and security [ + new bug ]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0334.html"
},
{
"name": "netscape-messaging-list-dos(5292)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5292"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0961",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in IMAP server in Netscape Messaging Server 4.15 Patch 2 allows local users to execute arbitrary commands via a long LIST command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1721",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1721"
},
{
"name": "20000928 commercial products and security [ + new bug ]",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0334.html"
},
{
"name": "netscape-messaging-list-dos(5292)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5292"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0961",
"datePublished": "2001-01-22T05:00:00",
"dateReserved": "2000-11-24T00:00:00",
"dateUpdated": "2024-08-08T05:37:31.846Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-1532
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:18
Severity ?
EPSS score ?
Summary
Netscape Messaging Server 3.54, 3.55, and 3.6 allows a remote attacker to cause a denial of service (memory exhaustion) via a series of long RCPT TO commands.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=94117465014255&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/748 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:18:07.522Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19991029 message:Netscape Messaging Server RCPT TO vul.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=94117465014255\u0026w=2"
},
{
"name": "748",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/748"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-10-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape Messaging Server 3.54, 3.55, and 3.6 allows a remote attacker to cause a denial of service (memory exhaustion) via a series of long RCPT TO commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19991029 message:Netscape Messaging Server RCPT TO vul.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=94117465014255\u0026w=2"
},
{
"name": "748",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/748"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1532",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape Messaging Server 3.54, 3.55, and 3.6 allows a remote attacker to cause a denial of service (memory exhaustion) via a series of long RCPT TO commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19991029 message:Netscape Messaging Server RCPT TO vul.",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=94117465014255\u0026w=2"
},
{
"name": "748",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/748"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1532",
"datePublished": "2001-09-12T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:18:07.522Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0960
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:37
Severity ?
EPSS score ?
Summary
The POP3 server in Netscape Messaging Server 4.15p1 generates different error messages for incorrect user names versus incorrect passwords, which allows remote attackers to determine valid users on the system and harvest email addresses for spam abuse.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/1787 | vdb-entry, x_refsource_BID | |
| http://marc.info/?l=bugtraq&m=97138100426121&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/5364 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:37:31.635Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1787",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1787"
},
{
"name": "20001011 Netscape Messaging server 4.15 poor error strings",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=97138100426121\u0026w=2"
},
{
"name": "netscape-messaging-email-verify(5364)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5364"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-10-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The POP3 server in Netscape Messaging Server 4.15p1 generates different error messages for incorrect user names versus incorrect passwords, which allows remote attackers to determine valid users on the system and harvest email addresses for spam abuse."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1787",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1787"
},
{
"name": "20001011 Netscape Messaging server 4.15 poor error strings",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=97138100426121\u0026w=2"
},
{
"name": "netscape-messaging-email-verify(5364)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5364"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0960",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The POP3 server in Netscape Messaging Server 4.15p1 generates different error messages for incorrect user names versus incorrect passwords, which allows remote attackers to determine valid users on the system and harvest email addresses for spam abuse."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1787"
},
{
"name": "20001011 Netscape Messaging server 4.15 poor error strings",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=97138100426121\u0026w=2"
},
{
"name": "netscape-messaging-email-verify(5364)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5364"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0960",
"datePublished": "2001-01-22T05:00:00",
"dateReserved": "2000-11-24T00:00:00",
"dateUpdated": "2024-08-08T05:37:31.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0007
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
EPSS score ?
Summary
Information from SSL-encrypted sessions via PKCS #1.
References
| ▼ | URL | Tags |
|---|---|---|
| https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-002 | vendor-advisory, x_refsource_MS |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:56.484Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MS98-002",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-002"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Information from SSL-encrypted sessions via PKCS #1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MS98-002",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-002"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0007",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Information from SSL-encrypted sessions via PKCS #1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MS98-002",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-002"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0007",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:56.484Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0005
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
EPSS score ?
Summary
Arbitrary command execution via IMAP buffer overflow in authenticate command.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/130 | vdb-entry, x_refsource_BID | |
| http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/177 | vendor-advisory, x_refsource_SUN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:56.689Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "130",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/130"
},
{
"name": "00177",
"tags": [
"vendor-advisory",
"x_refsource_SUN",
"x_transferred"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/177"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Arbitrary command execution via IMAP buffer overflow in authenticate command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "130",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/130"
},
{
"name": "00177",
"tags": [
"vendor-advisory",
"x_refsource_SUN"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/177"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0005",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Arbitrary command execution via IMAP buffer overflow in authenticate command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "130",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/130"
},
{
"name": "00177",
"refsource": "SUN",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/177"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0005",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:56.689Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2000-12-19 05:00
Modified
2024-11-20 23:33
Severity ?
Summary
Buffer overflow in IMAP server in Netscape Messaging Server 4.15 Patch 2 allows local users to execute arbitrary commands via a long LIST command.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | messaging_server | 4.0 | |
| netscape | netscape_messaging_server_multiplexor | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:messaging_server:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BFC3BDA-6B7E-4C95-8455-C60A61560C06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:netscape_messaging_server_multiplexor:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "96C18478-4A02-48BE-AC28-AC4FF1D8F436",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in IMAP server in Netscape Messaging Server 4.15 Patch 2 allows local users to execute arbitrary commands via a long LIST command."
}
],
"id": "CVE-2000-0961",
"lastModified": "2024-11-20T23:33:41.163",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-12-19T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0334.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1721"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5292"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0334.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1721"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5292"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1998-07-20 04:00
Modified
2024-11-20 23:27
Severity ?
Summary
Arbitrary command execution via IMAP buffer overflow in authenticate command.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | messaging_server | 3.55 | |
| university_of_washington | imap | 10.234 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:messaging_server:3.55:*:*:*:*:*:*:*",
"matchCriteriaId": "26CE0F92-0E43-454D-B996-428FD8A72E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:university_of_washington:imap:10.234:*:*:*:*:*:*:*",
"matchCriteriaId": "8BBB1912-BA9F-4856-A5AA-136B06E7A083",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Arbitrary command execution via IMAP buffer overflow in authenticate command."
}
],
"id": "CVE-1999-0005",
"lastModified": "2024-11-20T23:27:34.987",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1998-07-20T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/177"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/130"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-12-19 05:00
Modified
2024-11-20 23:33
Severity ?
Summary
The POP3 server in Netscape Messaging Server 4.15p1 generates different error messages for incorrect user names versus incorrect passwords, which allows remote attackers to determine valid users on the system and harvest email addresses for spam abuse.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | messaging_server | 4.15 | |
| netscape | messaging_server | 4.15 | |
| netscape | messaging_server | 4.15 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:messaging_server:4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "294BA50A-A19B-46F8-8D9E-4F0DA98F74E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:messaging_server:4.15:patch1:*:*:*:*:*:*",
"matchCriteriaId": "41AD2442-625E-4654-8654-0BF345FAC3B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:messaging_server:4.15:patch2:*:*:*:*:*:*",
"matchCriteriaId": "32228CBD-0C64-40B9-85A8-6925FDEEC89F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The POP3 server in Netscape Messaging Server 4.15p1 generates different error messages for incorrect user names versus incorrect passwords, which allows remote attackers to determine valid users on the system and harvest email addresses for spam abuse."
}
],
"id": "CVE-2000-0960",
"lastModified": "2024-11-20T23:33:41.023",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-12-19T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=97138100426121\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1787"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5364"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=97138100426121\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5364"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-10-29 04:00
Modified
2024-11-20 23:31
Severity ?
Summary
Netscape Messaging Server 3.54, 3.55, and 3.6 allows a remote attacker to cause a denial of service (memory exhaustion) via a series of long RCPT TO commands.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | messaging_server | 3.6 | |
| netscape | messaging_server | 3.54 | |
| netscape | messaging_server | 3.55 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:messaging_server:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B3EE4492-651C-4B65-B905-31D7E8E30E91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:messaging_server:3.54:*:*:*:*:*:*:*",
"matchCriteriaId": "11AA27C0-D579-49E6-8479-D5DFFAC96D4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:messaging_server:3.55:*:*:*:*:*:*:*",
"matchCriteriaId": "26CE0F92-0E43-454D-B996-428FD8A72E11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape Messaging Server 3.54, 3.55, and 3.6 allows a remote attacker to cause a denial of service (memory exhaustion) via a series of long RCPT TO commands."
}
],
"id": "CVE-1999-1532",
"lastModified": "2024-11-20T23:31:20.510",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-10-29T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=94117465014255\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/748"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=94117465014255\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/748"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1998-06-26 04:00
Modified
2024-11-20 23:27
Severity ?
Summary
Information from SSL-encrypted sessions via PKCS #1.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-002 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-002 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| c2net | stonghold_web_server | 2.0.1 | |
| c2net | stonghold_web_server | 2.2 | |
| c2net | stonghold_web_server | 2.3 | |
| hp | open_market_secure_webserver | 2.1 | |
| microsoft | exchange_server | 5.5 | |
| microsoft | internet_information_server | 3.0 | |
| microsoft | internet_information_server | 4.0 | |
| microsoft | site_server | 3.0 | |
| netscape | certificate_server | 1.0 | |
| netscape | collabra_server | 3.5.2 | |
| netscape | directory_server | 1.3 | |
| netscape | directory_server | 3.1 | |
| netscape | directory_server | 3.12 | |
| netscape | enterprise_server | 2.0 | |
| netscape | enterprise_server | 3.0.1b | |
| netscape | enterprise_server | 3.5.1 | |
| netscape | fasttrack_server | 3.01b | |
| netscape | messaging_server | 3.54 | |
| netscape | proxy_server | 3.5.1 | |
| ssleay | ssleay | 0.6.6 | |
| ssleay | ssleay | 0.8.1 | |
| ssleay | ssleay | 0.9 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:c2net:stonghold_web_server:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90FA74D1-FF25-44C0-B86C-FBE74A0206CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:c2net:stonghold_web_server:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E7F153A-5396-4C3C-995B-570D13DB6B2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:c2net:stonghold_web_server:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BBDFAE58-F8CC-453F-A006-532212B21F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:open_market_secure_webserver:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA2E007E-898A-4EC7-9040-A02DABA3A5B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:5.5:-:*:*:*:*:*:*",
"matchCriteriaId": "B4F9C143-4734-4E5D-9281-F51513C5CAAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_information_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "547AB6E2-4E9F-4783-8BB4-0AE297A38C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_information_server:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5D47E9C4-5439-4A82-BBD8-D6B482B47E51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:site_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4A503018-356B-46D9-965F-60750B5B7484",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:certificate_server:1.0:patch1:*:*:*:*:*:*",
"matchCriteriaId": "72E930EF-CCEC-44EA-AA45-18644EFDA5F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:collabra_server:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B49C090C-979F-44F2-BAAC-71E11611BDF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:directory_server:1.3:patch5:*:*:*:*:*:*",
"matchCriteriaId": "1CD1E4C9-BFF1-4818-A1B8-ECD7B54C8B03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:directory_server:3.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "492922BE-3B31-486C-94B5-114089E51E53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:directory_server:3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "70E0FF18-9B01-4500-9599-8F085655C388",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9E5E0298-99D9-476D-A7DF-36C6207482DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:3.0.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "D94D2CA3-9868-4F27-B31D-D3EDC256BE5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:enterprise_server:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4147A43C-DA7B-4D08-90E9-72DE57B1D61D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:fasttrack_server:3.01b:*:*:*:*:*:*:*",
"matchCriteriaId": "55193435-0136-422D-A936-B1FEEC328A0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:messaging_server:3.54:*:*:*:*:*:*:*",
"matchCriteriaId": "11AA27C0-D579-49E6-8479-D5DFFAC96D4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:proxy_server:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E47FCF41-3D06-493B-AD7B-626F4C279944",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssleay:ssleay:0.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "64568219-B33C-4507-9E04-536E7B11D2F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssleay:ssleay:0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "29C56055-3DB2-4A23-8301-6F6AB4BA38AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssleay:ssleay:0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "76F1B179-25A4-4A72-9E42-43DA61CA1475",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Information from SSL-encrypted sessions via PKCS #1."
}
],
"id": "CVE-1999-0007",
"lastModified": "2024-11-20T23:27:35.517",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1998-06-26T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-002"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-327"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}