Slmail Pro
CVEs (10)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2003-0264 | 0.09 | — | 0.71 | May 27, 2003 | Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers to execute arbitrary code via (1) a long EHLO argument to slmail.exe, (2) a long XTRN argument to slmail.exe, (3) a long string to POPPASSWD, or (4) a long password to the POP3 server. | |||
| CVE-2008-1690 | 0.03 | — | 0.06 | Apr 7, 2008 | WebContainer.exe 1.0.0.336 and earlier in SLMail Pro 6.3.1.0 and earlier allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a long URI in HTTP requests to TCP port 801. NOTE: some of these details are… | |||
| CVE-2004-0356 | 0.01 | — | 0.07 | Nov 23, 2004 | Stack-based buffer overflow in Supervisor Report Center in SL Mail Pro 2.0.9 and earlier allows remote attackers to execute arbitrary code via an HTTP request with a long HTTP sub-version. | |||
| CVE-2008-1689 | 0.00 | — | 0.02 | Apr 7, 2008 | Stack consumption vulnerability in WebContainer.exe 1.0.0.336 and earlier in SLMail Pro 6.3.1.0 and earlier allows remote attackers to cause a denial of service (daemon crash) via a long request header in an HTTP request to TCP port 801. NOTE: some of these details are obtained… | |||
| CVE-2008-1691 | 0.00 | — | 0.01 | Apr 7, 2008 | Unspecified vulnerability in SLMail.exe in SLMail Pro 6.3.1.0 and earlier allows remote attackers to cause a denial of service (UDP service outage) via a large packet to UDP port 54. NOTE: some of these details are obtained from third party information. | |||
| CVE-2004-0357 | 0.00 | — | 0.05 | Nov 23, 2004 | Stack-based buffer overflows in SL Mail Pro 2.0.9 allow remote attackers to execute arbitrary code via (1) user.dll, (2) loadpageadmin.dll or (3) loadpageuser.dll. | |||
| CVE-1999-0380 | 0.00 | — | 0.00 | Feb 25, 1999 | SLMail 3.1 and 3.2 allows local users to access any file in the NTFS file system when the Remote Administration Service (RAS) is enabled by setting a user's Finger File to point to the target file, then running finger on the user. | |||
| CVE-1999-0231 | 0.00 | — | 0.01 | Jan 1, 1999 | Buffer overflow in IP-Switch IMail and Seattle Labs Slmail 2.6 packages using a long VRFY command, causing a denial of service and possibly remote access. | |||
| CVE-1999-1265 | 0.00 | — | 0.02 | Sep 22, 1998 | SMTP server in SLmail 3.1 and earlier allows remote attackers to cause a denial of service via malformed commands whose arguments begin with a "(" (parenthesis) character, such as (1) SEND, (2) VRFY, (3) EXPN, (4) MAIL FROM, (5) RCPT TO. | |||
| CVE-1999-0102 | 0.00 | — | 0.02 | Jul 9, 1998 | Buffer overflow in SLmail 3.x allows attackers to execute commands using a large FROM line. |
- CVE-2003-0264May 27, 2003risk 0.09cvss —epss 0.71
Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers to execute arbitrary code via (1) a long EHLO argument to slmail.exe, (2) a long XTRN argument to slmail.exe, (3) a long string to POPPASSWD, or (4) a long password to the POP3 server.
- CVE-2008-1690Apr 7, 2008risk 0.03cvss —epss 0.06
WebContainer.exe 1.0.0.336 and earlier in SLMail Pro 6.3.1.0 and earlier allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a long URI in HTTP requests to TCP port 801. NOTE: some of these details are…
- CVE-2004-0356Nov 23, 2004risk 0.01cvss —epss 0.07
Stack-based buffer overflow in Supervisor Report Center in SL Mail Pro 2.0.9 and earlier allows remote attackers to execute arbitrary code via an HTTP request with a long HTTP sub-version.
- CVE-2008-1689Apr 7, 2008risk 0.00cvss —epss 0.02
Stack consumption vulnerability in WebContainer.exe 1.0.0.336 and earlier in SLMail Pro 6.3.1.0 and earlier allows remote attackers to cause a denial of service (daemon crash) via a long request header in an HTTP request to TCP port 801. NOTE: some of these details are obtained…
- CVE-2008-1691Apr 7, 2008risk 0.00cvss —epss 0.01
Unspecified vulnerability in SLMail.exe in SLMail Pro 6.3.1.0 and earlier allows remote attackers to cause a denial of service (UDP service outage) via a large packet to UDP port 54. NOTE: some of these details are obtained from third party information.
- CVE-2004-0357Nov 23, 2004risk 0.00cvss —epss 0.05
Stack-based buffer overflows in SL Mail Pro 2.0.9 allow remote attackers to execute arbitrary code via (1) user.dll, (2) loadpageadmin.dll or (3) loadpageuser.dll.
- CVE-1999-0380Feb 25, 1999risk 0.00cvss —epss 0.00
SLMail 3.1 and 3.2 allows local users to access any file in the NTFS file system when the Remote Administration Service (RAS) is enabled by setting a user's Finger File to point to the target file, then running finger on the user.
- CVE-1999-0231Jan 1, 1999risk 0.00cvss —epss 0.01
Buffer overflow in IP-Switch IMail and Seattle Labs Slmail 2.6 packages using a long VRFY command, causing a denial of service and possibly remote access.
- CVE-1999-1265Sep 22, 1998risk 0.00cvss —epss 0.02
SMTP server in SLmail 3.1 and earlier allows remote attackers to cause a denial of service via malformed commands whose arguments begin with a "(" (parenthesis) character, such as (1) SEND, (2) VRFY, (3) EXPN, (4) MAIL FROM, (5) RCPT TO.
- CVE-1999-0102Jul 9, 1998risk 0.00cvss —epss 0.02
Buffer overflow in SLmail 3.x allows attackers to execute commands using a large FROM line.