MidnightBSD

Advisories for netwin

CVE-2000-0422 HIGH

Buffer overflow in Netwin DMailWeb CGI program allows remote attackers to execute arbitrary commands via a long utoken parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
netwin dmail 2.5d

CVE-2000-0423 MEDIUM

Buffer overflow in Netwin DNEWSWEB CGI program allows remote attackers to execute arbitrary commands via long parameters such as group, cmd, and utag.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
netwin dnews 5.3

CVE-2000-0490 HIGH

Buffer overflow in the NetWin DSMTP 2.7q in the NetWin dmail package allows remote attackers to execute arbitrary commands via a long ETRN request.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
netwin dmail 2.7q
netwin dmail 2.8g
netwin dmail 2.8e
netwin dmail 2.8f
netwin dmail 2.8h
netwin dmail 2.7

CVE-2000-0608 MEDIUM

NetWin dMailWeb and cwMail 2.6i and earlier allow remote attackers to cause a denial of service via a long POP parameter (pophost).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
netwin dmailweb 2.5e
netwin cwmail 2.5e
netwin cwmail 2.6g
netwin dmailweb 2.6g
netwin dmailweb 2.6i
netwin cwmail 2.6j
netwin dmailweb 2.6j
netwin cwmail 2.6i

CVE-2000-0609 MEDIUM

NetWin dMailWeb and cwMail 2.6g and earlier allow remote attackers to cause a denial of service via a long username parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
netwin dmailweb 2.5e
netwin cwmail 2.5e
netwin cwmail 2.6g
netwin dmailweb 2.6g
netwin dmailweb 2.6i
netwin cwmail 2.6j
netwin dmailweb 2.6j
netwin cwmail 2.6i

CVE-2000-0610 MEDIUM

NetWin dMailWeb and cwMail 2.6g and earlier allow remote attackers to bypass authentication and use the server for mail relay via a username that contains a carriage return.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
netwin cwmail 2.6g
netwin dmailweb 2.6g

CVE-2000-0611 MEDIUM

The default configuration of NetWin dMailWeb and cwMail trusts all POP servers, which allows attackers to bypass normal authentication and cause a denial of service.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
netwin cwmail 2.6g
netwin dmailweb 2.6g

CVE-2000-0782 MEDIUM

netauth.cgi program in Netwin Netauth 4.2e and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
netwin netauth *

CVE-2001-0696 MEDIUM

NetWin SurgeFTP 2.0a and 1.0b allows a remote attacker to cause a denial of service (crash) via a CD command to a directory with an MS-DOS device name such as con.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
netwin surgeftp 1.0b
netwin surgeftp 2.0a

CVE-2001-0697 MEDIUM

NetWin SurgeFTP prior to 1.1h allows a remote attacker to cause a denial of service (crash) via an 'ls ..' command.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
netwin surgeftp *

CVE-2001-0698 MEDIUM

Directory traversal vulnerability in NetWin SurgeFTP 2.0a and 1.0b allows a remote attacker to list arbitrary files and directories via the 'nlist ...' command.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
netwin surgeftp 1.0b
netwin surgeftp 2.0a

CVE-2001-1354 MEDIUM

NetWin Authentication module (NWAuth) 2.0 and 3.0b, as implemented in SurgeFTP, DMail, and possibly other packages, uses weak password hashing, which could allow local users to decrypt passwords or use a different password that has the same hash value as the correct password.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
netwin dmail 2.8e
netwin surgeftp 2.0b
netwin dmail 2.5d
netwin dmail 2.8f
netwin surgeftp 2.0a
netwin dmail 2.7r
netwin dmail 2.7q
netwin dmail 2.8g
netwin surgeftp 1.0b
netwin dmail 2.8h
netwin dmail 2.7
netwin dmail 2.8i

CVE-2001-1355 HIGH

Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and earlier, as implemented in DMail, SurgeFTP, and possibly other packages, could allow attackers to execute arbitrary code via long arguments to (1) the -del command or (2) the -lookup command.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
netwin dmail 2.8e
netwin surgeftp 2.0b
netwin dmail 2.5d
netwin dmail 2.8f
netwin surgeftp 2.0a
netwin dmail 2.7r
netwin dmail 2.7q
netwin dmail 2.8g
netwin surgeftp 1.0b
netwin dmail 2.8h
netwin dmail 2.7
netwin dmail 2.8i

CVE-2001-1356 HIGH

NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing, a fixed salt value and modulo 40 calculations, which allows remote attackers to conduct brute force password guessing attacks against the administrator account on port 7021.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
netwin surgeftp 2.0f
netwin surgeftp 2.0b
netwin surgeftp 2.0a
netwin surgeftp 2.0c
netwin surgeftp 2.0d
netwin surgeftp 2.0e

CVE-2002-0273 MEDIUM

Buffer overflow in CWMail.exe in NetWin before 2.8a allows remote authenticated users to execute arbitrary code via a long item parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
netwin cwmail 2.7n
netwin cwmail 2.7t
netwin cwmail 2.7d
netwin cwmail 2.7l
netwin cwmail 2.7b
netwin cwmail 2.7a
netwin cwmail 2.7j
netwin cwmail 2.7s
netwin cwmail 2.7k
netwin cwmail 2.7c
netwin cwmail 2.7i
netwin cwmail 2.7q
netwin cwmail 2.7o
netwin cwmail 2.7f
netwin cwmail 2.7m
netwin cwmail 2.7p
netwin cwmail 2.7

CVE-2002-0290 HIGH

Buffer overflow in Netwin WebNews CGI program 1.1, Webnews.exe, allows remote attackers to execute arbitrary code via a long group argument.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
netwin webnews 1.1i
netwin webnews 1.1h
netwin webnews 1.1j

CVE-2002-0310 HIGH

Netwin WebNews 1.1k CGI program includes several default usernames and cleartext passwords that cannot be deleted by the administrator, which allows remote attackers to gain privileges via the username/password combinations (1) testweb/newstest, (2) alwn3845/imaptest, (3) alwi3845/wtest3452, or (4) testweb2/wtest4879.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
netwin webnews 1.1i
netwin webnews 1.1h
netwin webnews 1.1j
netwin webnews 1.1k

CVE-2004-2253 MEDIUM

Directory traversal vulnerability in user.cgi in SurgeLDAP 1.0g and earlier allows remote attackers to read arbitrary files via a .. in the page parameter of the show command.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
netwin surgeldap 1.0e
netwin surgeldap 1.0g
netwin surgeldap 1.0d

CVE-2004-2254 HIGH

SurgeLDAP 1.0g (Build 12), and possibly other versions before 1.0h, allows remote attackers to bypass authentication for the administration interface via a direct request to admin.cgi with a modified utoken parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
netwin surgeldap 1.0f
netwin surgeldap 1.0b
netwin surgeldap 1.0e
netwin surgeldap 1.0a
netwin surgeldap 1.0g
netwin surgeldap 1.0d

CVE-2004-2537 HIGH

Unspecified vulnerability in SurgeMail before 2.2c10 has unknown impact and attack vectors, related to a "Webmail security bug."

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
netwin surgemail 1.8d
netwin surgemail 2.0a2
netwin surgemail 2.1a
netwin surgemail 2.1c7
netwin surgemail 1.8f
netwin surgemail 2.0c
netwin surgemail 1.9b2
netwin surgemail 1.8a
netwin surgemail 1.8b3
netwin surgemail 2.2a6
netwin surgemail 1.8g3
netwin surgemail 2.0e
netwin surgemail 1.9
netwin surgemail 2.0g2

CVE-2004-2547 LOW

NetWin (1) SurgeMail before 2.0c and (2) WebMail allow remote attackers to obtain sensitive information via HTTP requests that (a) specify the / URI, (b) specify the /scripts/ URI, or (c) specify a non-existent file, which reveal the path in an error message.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
netwin surgemail 1.8d
netwin surgemail 1.5b
netwin surgemail 1.3a_rc1
netwin surgemail 1.3i
netwin surgemail 1.3a
netwin surgemail 1.5d
netwin surgemail 1.6d
netwin surgemail 1.5a
netwin surgemail 1.0c
netwin surgemail 1.2c
netwin surgemail 1.3h
netwin surgemail 1.6e2
netwin surgemail 1.3b
netwin surgemail 1.5c
netwin surgemail 1.9b2
netwin surgemail 1.5f
netwin surgemail 1.8a
netwin surgemail 1.8b3
netwin surgemail 1.3g
netwin surgemail 1.6e
netwin surgemail 1.0d
netwin surgemail 1.4b
netwin surgemail 1.2a
netwin surgemail 1.3k
netwin surgemail 1.4c
netwin surgemail 1.1c
netwin surgemail 1.4a
netwin surgemail 1.3d
netwin surgemail 1.2b
netwin surgemail 1.3l
netwin surgemail 2.0a2
netwin surgemail 1.3c
netwin surgemail 1.3e
netwin surgemail 1.1a
netwin surgemail 1.7b3
netwin surgemail 1.3f
netwin surgemail 1.3j
netwin surgemail 1.5d2
netwin surgemail 1.1d
netwin surgemail 1.1b
netwin surgemail 1.6b
netwin surgemail 1.8g3
netwin webmail 3.1d
netwin surgemail 1.7a
netwin surgemail 1.6a
netwin surgemail 1.8e

CVE-2004-2548 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in NetWin (1) SurgeMail before 2.0c and (2) WebMail allow remote attackers to inject arbitrary web script or HTML via (a) a URI containing the script, or (b) the username field in the login form. NOTE: it is possible that the first attack vector is resultant from the error message issue (CVE-2004-2547).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
netwin surgemail 1.8d
netwin surgemail *
netwin surgemail 1.9b2
netwin surgemail 1.8a
netwin surgemail 1.8b3
netwin surgemail 1.8g3
netwin surgemail 1.8f
netwin surgemail 1.9
netwin webmail 3.1d

CVE-2005-0846 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in the email auto-reply message in SurgeMail 2.2g3 allow remote attackers to inject arbitrary web script or HTML via the (1) message subject or (2) message header field.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
netwin surgemail 2.2g3

CVE-2005-1034 MEDIUM

SurgeFTP 2.2m1 allows remote attackers to cause a denial of service (application hang) via the LEAK command.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
netwin surgeftp 2.2k3
netwin surgeftp 2.2m1

CVE-2005-1478 HIGH

Format string vulnerability in dSMTP (dsmtp.exe) in DMail 3.1a allows remote attackers to execute arbitrary code via format string specifiers in the xtellmail command.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
netwin dmail 3.1a
netwin dmail 3.1b

CVE-2005-1516 HIGH

DList (dlist.exe) in DMail 3.1a allows remote attackers to bypass authentication, read log files, and shut down the system via a sendlog command with an incorrect password hash, which is not properly handled by the _cmd_sendlog function.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
netwin dmail 3.1a

CVE-2005-1714 MEDIUM

Cross-site scripting (XSS) vulnerability in NetWin SurgeMail 3.0c2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
netwin surgemail 3.0c2

CVE-2010-1068 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in surgeftpmgr.cgi in NetWin SurgeFTP 2.3a6 allow remote attackers to inject arbitrary web script or HTML via the (1) domainid or (2) classid parameter in a class action.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79

Products Affected

Vendor Product Version
netwin surgeftp 2.3a6

CVE-2010-3201 MEDIUM

Cross-site scripting (XSS) vulnerability in NetWin Surgemail before 4.3g allows remote attackers to inject arbitrary web script or HTML via the username_ex parameter to the surgeweb program.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79

Products Affected

Vendor Product Version
netwin surgemail 1.8d
netwin surgemail 3.8o
netwin surgemail 1.6d
netwin surgemail 2.0c
netwin surgemail 1.3h
netwin surgemail 3.8u
netwin surgemail 1.6e2
netwin surgemail 3.5a
netwin surgemail 1.3b
netwin surgemail 1.5c
netwin surgemail 3.9a
netwin surgemail 1.3g
netwin surgemail 4.0k
netwin surgemail 3.0c2
netwin surgemail 3.8s
netwin surgemail 1.4c
netwin surgemail 3.9c
netwin surgemail 1.1c
netwin surgemail 1.4a
netwin surgemail 2.2g3
netwin surgemail 3.9e
netwin surgemail 2.1c7
netwin surgemail 1.5d2
netwin surgemail 3.6f7
netwin surgemail 1.1d
netwin surgemail 1.9
netwin surgemail 3.8k4
netwin surgemail 1.6a
netwin surgemail 4.0a
netwin surgemail 1.5b
netwin surgemail 4.2a3-3
netwin surgemail 1.3a_rc1
netwin surgemail 3.1s
netwin surgemail 1.3a
netwin surgemail 2.2c10
netwin surgemail 1.2c
netwin surgemail beta_3.9a
netwin surgemail 4.0v-8
netwin surgemail 3.7b5
netwin surgemail 1.6e
netwin surgemail 1.0d
netwin surgemail 1.4b
netwin surgemail 3.7b3
netwin surgemail 4.2d2-2
netwin surgemail 1.3l
netwin surgemail 1.3e
netwin surgemail 3.6d
netwin surgemail 1.3j
netwin surgemail 3.8b
netwin surgemail 3.8f2
netwin surgemail 3.8q
netwin surgemail 3.9g
netwin surgemail 4.0u3
netwin surgemail 4.2a2-3
netwin surgemail 2.0e
netwin surgemail 3.7b8
netwin surgemail 3.8d
netwin surgemail 4.2d-1
netwin surgemail 3.2e
netwin surgemail 2.1a
netwin surgemail 4.2a2-2
netwin surgemail 1.5a
netwin surgemail *
netwin surgemail 1.9b2
netwin surgemail 1.8a
netwin surgemail 1.8b3
netwin surgemail 2.2a6
netwin surgemail 2.0g2
netwin surgemail 1.3k
netwin surgemail 3.8f3
netwin surgemail 1.2b
netwin surgemail 3.8f
netwin surgemail 3.8i3
netwin surgemail 3.9g2
netwin surgemail 1.7b3
netwin surgemail 3.0a
netwin surgemail 1.8f
netwin surgemail 1.1b
netwin surgemail 3.6f3
netwin surgemail 2.2g2
netwin surgemail 3.8k3
netwin surgemail 3.8i
netwin surgemail 1.8g3
netwin surgemail 1.7a
netwin surgemail 2.2c9
netwin surgemail 3.8k
netwin surgemail 1.3i
netwin surgemail 3.8a
netwin surgemail 1.5d
netwin surgemail 1.0c
netwin surgemail 4.0u4
netwin surgemail 3.7b
netwin surgemail 3.6f5
netwin surgemail 1.5f
netwin surgemail 1.2a
netwin surgemail 3.8i2
netwin surgemail 3.8m
netwin surgemail 4.2d3-3
netwin surgemail 1.3d
netwin surgemail 3.5b3
netwin surgemail 2.0a2
netwin surgemail 1.3c
netwin surgemail 3.7b6
netwin surgemail 1.1a
netwin surgemail 1.3f
netwin surgemail 3.7b7
netwin surgemail 3.8k2
netwin surgemail 1.6b
netwin surgemail 1.8e

CVE-2013-4742 HIGH

Buffer overflow in NetWin SurgeFTP before 23d2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string within the authentication request.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119

Products Affected

Vendor Product Version
netwin surgeftp 2.3a12
netwin surgeftp 2.3a10
netwin surgeftp 2.0f
netwin surgeftp 2.2k3
netwin surgeftp 2.3a6
netwin surgeftp 2.0c
netwin surgeftp 2.3a8
netwin surgeftp *
netwin surgeftp 2.0d
netwin surgeftp 2.2k1
netwin surgeftp 2.3a1
netwin surgeftp 2.3a9
netwin surgeftp 2.3a2
netwin surgeftp 2.2m1
netwin surgeftp 2.3a7
netwin surgeftp 2.0e

CVE-2017-17933 MEDIUM

cgi/surgeftpmgr.cgi (aka the Web Manager interface on TCP port 7021 or 9021) in NetWin SurgeFTP version 23f2 has XSS via the classid, domainid, or username parameter.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79

Products Affected

Vendor Product Version
netwin surgeftp 23f2