CVE Vulnerabilities

CVE-2001-1355

Published: Jul 20, 2001 | Modified: Dec 19, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and earlier, as implemented in DMail, SurgeFTP, and possibly other packages, could allow attackers to execute arbitrary code via long arguments to (1) the -del command or (2) the -lookup command.

Affected Software

Name Vendor Start Version End Version
Dmail Netwin 2.5d 2.5d
Dmail Netwin 2.7 2.7
Dmail Netwin 2.7q 2.7q
Dmail Netwin 2.7r 2.7r
Dmail Netwin 2.8e 2.8e
Dmail Netwin 2.8f 2.8f
Dmail Netwin 2.8g 2.8g
Dmail Netwin 2.8h 2.8h
Dmail Netwin 2.8i 2.8i
Surgeftp Netwin 1.0b 1.0b
Surgeftp Netwin 2.0a 2.0a
Surgeftp Netwin 2.0b 2.0b

References