Multiple buffer overflows in Spamdyke before 4.3.0 might allow remote attackers to execute arbitrary code via vectors related to "serious errors in the usage of snprintf()/vsnprintf()" in which the return values may be larger than the size of the buffer.
Max CVSS
7.5
EPSS Score
7.61%
Published
2012-06-19
Updated
2012-06-20
spamdyke prior to 4.2.1: STARTTLS reveals plaintext
Max CVSS
7.5
EPSS Score
0.07%
Published
2020-01-15
Updated
2020-01-23
The smtp_filter function in spamdyke before 3.1.8 does not filter RCPT commands after encountering the first DATA command, which allows remote attackers to use the server as an open mail relay by sending RCPT commands with invalid recipients, followed by a DATA command, followed by arbitrary RCPT commands and a second DATA command.
Max CVSS
6.4
EPSS Score
0.58%
Published
2008-06-19
Updated
2017-08-08
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!