Cwmail
by Netwin
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2002-0273 | 0.00 | — | 0.01 | May 31, 2002 | Buffer overflow in CWMail.exe in NetWin before 2.8a allows remote authenticated users to execute arbitrary code via a long item parameter. | |||
| CVE-2000-0611 | 0.00 | — | 0.02 | Jun 23, 2000 | The default configuration of NetWin dMailWeb and cwMail trusts all POP servers, which allows attackers to bypass normal authentication and cause a denial of service. | |||
| CVE-2000-0610 | 0.00 | — | 0.02 | Jun 23, 2000 | NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to bypass authentication and use the server for mail relay via a username that contains a carriage return. | |||
| CVE-2000-0608 | 0.00 | — | 0.01 | Jun 21, 2000 | NetWin dMailWeb and cwMail 2.6i and earlier allows remote attackers to cause a denial of service via a long POP parameter (pophost). | |||
| CVE-2000-0609 | 0.00 | — | 0.01 | Jun 21, 2000 | NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to cause a denial of service via a long username parameter. |
- CVE-2002-0273May 31, 2002risk 0.00cvss —epss 0.01
Buffer overflow in CWMail.exe in NetWin before 2.8a allows remote authenticated users to execute arbitrary code via a long item parameter.
- CVE-2000-0611Jun 23, 2000risk 0.00cvss —epss 0.02
The default configuration of NetWin dMailWeb and cwMail trusts all POP servers, which allows attackers to bypass normal authentication and cause a denial of service.
- CVE-2000-0610Jun 23, 2000risk 0.00cvss —epss 0.02
NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to bypass authentication and use the server for mail relay via a username that contains a carriage return.
- CVE-2000-0608Jun 21, 2000risk 0.00cvss —epss 0.01
NetWin dMailWeb and cwMail 2.6i and earlier allows remote attackers to cause a denial of service via a long POP parameter (pophost).
- CVE-2000-0609Jun 21, 2000risk 0.00cvss —epss 0.01
NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to cause a denial of service via a long username parameter.