Roaring Penguin
Products
4- 4 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
Recent CVEs
7| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-14102 | Hig | 0.51 | 7.8 | 0.00 | Sep 1, 2017 | MIMEDefang 2.80 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill `cat… | ||
| CVE-2001-0026 | 0.04 | — | 0.08 | Feb 12, 2001 | rp-pppoe PPPoE client allows remote attackers to cause a denial of service via the Clamp MSS option and a TCP packet with a zero-length TCP option. | |||
| CVE-2002-1121 | 0.01 | — | 0.07 | Sep 24, 2002 | SMTP content filter engines, including (1) GFI MailSecurity for Exchange/SMTP before 7.2, (2) InterScan VirusWall before 3.52 build 1494, (3) the default configuration of MIMEDefang before 2.21, and possibly other products, do not detect fragmented emails as defined in RFC2046… | |||
| CVE-2015-5957 | 0.00 | — | 0.03 | Sep 28, 2015 | Buffer overflow in the DumpSysVar function in var.c in Remind before 3.1.15 allows attackers to have unspecified impact via a long name. | |||
| CVE-2007-0884 | 0.00 | — | 0.03 | Feb 12, 2007 | Buffer overflow in Roaring Penguin MIMEDefang 2.59 and 2.60 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unspecified vectors. | |||
| CVE-2004-1098 | 0.00 | — | 0.02 | Jan 10, 2005 | MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that contains an empty boundary string in the Content-Type header. | |||
| CVE-2004-0564 | 0.00 | — | 0.00 | Dec 23, 2004 | Roaring Penguin pppoe (rp-ppoe), if installed or configured to run setuid root contrary to its design, allows local users to overwrite arbitrary files. NOTE: the developer has publicly disputed the claim that this is a vulnerability because pppoe "is NOT designed to run… |
- risk 0.51cvss 7.8epss 0.00
MIMEDefang 2.80 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill `cat…
- CVE-2001-0026Feb 12, 2001risk 0.04cvss —epss 0.08
rp-pppoe PPPoE client allows remote attackers to cause a denial of service via the Clamp MSS option and a TCP packet with a zero-length TCP option.
- CVE-2002-1121Sep 24, 2002risk 0.01cvss —epss 0.07
SMTP content filter engines, including (1) GFI MailSecurity for Exchange/SMTP before 7.2, (2) InterScan VirusWall before 3.52 build 1494, (3) the default configuration of MIMEDefang before 2.21, and possibly other products, do not detect fragmented emails as defined in RFC2046…
- CVE-2015-5957Sep 28, 2015risk 0.00cvss —epss 0.03
Buffer overflow in the DumpSysVar function in var.c in Remind before 3.1.15 allows attackers to have unspecified impact via a long name.
- CVE-2007-0884Feb 12, 2007risk 0.00cvss —epss 0.03
Buffer overflow in Roaring Penguin MIMEDefang 2.59 and 2.60 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unspecified vectors.
- CVE-2004-1098Jan 10, 2005risk 0.00cvss —epss 0.02
MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that contains an empty boundary string in the Content-Type header.
- CVE-2004-0564Dec 23, 2004risk 0.00cvss —epss 0.00
Roaring Penguin pppoe (rp-ppoe), if installed or configured to run setuid root contrary to its design, allows local users to overwrite arbitrary files. NOTE: the developer has publicly disputed the claim that this is a vulnerability because pppoe "is NOT designed to run…