MidnightBSD

Advisories for code-crafters

CVE-2004-1626 MEDIUM

Buffer overflow in Ability Server 2.34, and possibly other versions, allows remote attackers to execute arbitrary code via a long STOR command.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
code-crafters ability_server 2.3.2
code-crafters ability_server 2.3.4
code-crafters ability_server 2.2.5
CVE-2004-1627 HIGH

Buffer overflow in Ability Server 2.25, 2.32, 2.34, and possibly other versions, allows remote attackers to execute arbitrary code via a long APPE command.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
code-crafters ability_server 2.3.2
code-crafters ability_server 2.3.4
code-crafters ability_server 2.2.5
CVE-2004-2495 HIGH

The (1) Webmail, (2) admin, and (3) SMTP services in Ability Mail Server 1.18 allow remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous connections to the service.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
code-crafters ability_mail_server 1.18
CVE-2013-6162 MEDIUM

Cross-site scripting (XSS) vulnerability in Code-Crafters Ability Mail Server 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the body of an email.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
code-crafters ability_mail_server 3.1.1