10

CVE-2001-1355

Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and earlier, as implemented in DMail, SurgeFTP, and possibly other packages, could allow attackers to execute arbitrary code via long arguments to (1) the -del command or (2) the -lookup command.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
NetwinDmail Version2.5d
NetwinDmail Version2.7
NetwinDmail Version2.7q
NetwinDmail Version2.7r
NetwinDmail Version2.8e
NetwinDmail Version2.8f
NetwinDmail Version2.8g
NetwinDmail Version2.8h
NetwinDmail Version2.8i
NetwinSurgeftp Version1.0b
NetwinSurgeftp Version2.0a
NetwinSurgeftp Version2.0b
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.57% 0.879
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://online.securityfocus.com/archive/1/198293
Vendor Advisory
http://www.securityfocus.com/bid/3077
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6865