CVE-2007-0887

Опубликовано: 12 фев. 2007

Источник: nvd

CVSS2: 7.8

EPSS Средний

Описание

axigen 1.2.6 through 2.0.0b1 does not properly parse login credentials, which allows remote attackers to cause a denial of service (NULL dereference and application crash) via a base64-encoded "*\x00" sequence on the imap port (143/tcp).

Ссылки

http://marc.info/?l=full-disclosure&m=117094708423302&w=2
Third Party Advisory
http://osvdb.org/33165
Broken Link
http://secunia.com/advisories/24073
Permissions Required
http://www.securityfocus.com/bid/22473
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/32345
https://www.exploit-db.com/exploits/3290
http://marc.info/?l=full-disclosure&m=117094708423302&w=2
Third Party Advisory
http://osvdb.org/33165
Broken Link
http://secunia.com/advisories/24073
Permissions Required
http://www.securityfocus.com/bid/22473
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/32345
https://www.exploit-db.com/exploits/3290

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:gecad_technologies:axigen_mail_server:1.2.6:*:*:*:*:*:*:*

cpe:2.3:a:gecad_technologies:axigen_mail_server:2.0.0b1:*:*:*:*:*:*:*

EPSS

Процентиль: 94%

0.14029

Средний

7.8 High

CVSS2

Дефекты

CWE-476

Связанные уязвимости

GHSA-jx6r-x5x9-5vr8

github

почти 4 года назад