Internet Anywhere Mail Server 2.3.1 stores passwords in plaintext in the msgboxes.dbf file, which could allow local users to gain privileges by extracting the passwords from msgboxes.dbf.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| true_north | internet_anywhere_mail_server | 3.1 |
| true_north | internet_anywhere_mail_server | 2.3.1 |
Internet Anywhere POP3 Mail Server 2.3.1 allows remote attackers to cause a denial of service (crash) via (1) LIST, (2) TOP, or (3) UIDL commands using letters as arguments.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| true_north | internet_anywhere_mail_server | 2.3 |
Buffer overflow in Internet Anywhere POP3 Mail Server allows remote attackers to cause a denial of service or execute commands via a long username.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| true_north | internet_anywhere_mail_server | 2.3 |
| true_north | internet_anywhere_mail_server | 2.3.1 |
Internet Anywhere POP3 Mail Server allows local users to cause a denial of service via a malformed RETR command.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| true_north | internet_anywhere_mail_server | 3.1.3 |
Internet Anywhere POP3 Mail Server allows remote attackers to cause a denial of service via a large number of connections.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| true_north | internet_anywhere_mail_server | 3.1.3 |