MidnightBSD

Advisories for seattle_lab_software

CVE-1999-0102 HIGH

Buffer overflow in SLmail 3.x allows attackers to execute commands using a large FROM line.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
seattle_lab_software slmail 3.0.2421
CVE-1999-0231 MEDIUM

Buffer overflow in IP-Switch IMail and Seattle Labs Slmail 2.6 packages using a long VRFY command, causing a denial of service and possibly remote access.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
seattle_lab_software slmail 2.6
CVE-1999-0380 MEDIUM

SLMail 3.1 and 3.2 allows local users to access any file in the NTFS file system when the Remote Administration Service (RAS) is enabled by setting a user's Finger File to point to the target file, then running finger on the user.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
seattle_lab_software slmail 3.0.2421
CVE-1999-1017 HIGH

Seattle Labs Emurl 2.0, and possibly earlier versions, stores e-mail attachments in a specific directory with scripting enabled, which allows a malicious ASP file attachment to execute when the recipient opens the message.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
seattle_lab_software emurl *
CVE-2000-0397 MEDIUM

The EMURL web-based email account software encodes predictable identifiers in user session URLs, which allows a remote attacker to access a user's email account.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
seattle_lab_software emurl 2.0
CVE-2003-0264 HIGH

Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers to execute arbitrary code via (1) a long EHLO argument to slmail.exe, (2) a long XTRN argument to slmail.exe, (3) a long string to POPPASSWD, or (4) a long password to the POP3 server.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
seattle_lab_software slmail 5.1.0.4420
CVE-2004-0356 HIGH

Stack-based buffer overflow in Supervisor Report Center in SL Mail Pro 2.0.9 and earlier allows remote attackers to execute arbitrary code via an HTTP request with a long HTTP sub-version.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
seattle_lab_software slmail_pro 2.0.5
seattle_lab_software slmail_pro 2.0.7
seattle_lab_software slmail_pro 2.0.2
seattle_lab_software slmail_pro 2.0.6
seattle_lab_software slmail_pro 2.0.9
seattle_lab_software slmail_pro 2.0.1
seattle_lab_software slmail_pro 2.0.4
seattle_lab_software slmail_pro 2.0
seattle_lab_software slmail_pro 2.0.3
seattle_lab_software slmail_pro 2.0.8
CVE-2004-0357 HIGH

Stack-based buffer overflows in SL Mail Pro 2.0.9 allow remote attackers to execute arbitrary code via (1) user.dll, (2) loadpageadmin.dll or (3) loadpageuser.dll.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
seattle_lab_software slmail_pro 2.0.9