CyberSec.Space Logo
Back to CVE Browser

CVE-2001-1355

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1790%
EPSS Percentile11.04th
PublishedJul 20, 2001
Last ModifiedApr 16, 2026

Vulnerability Description

Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and earlier, as implemented in DMail, SurgeFTP, and possibly other packages, could allow attackers to execute arbitrary code via long arguments to (1) the -del command or (2) the -lookup command.

Affected Platforms (CPE)

πŸ“¦
Netwin

Dmail

= 2.5d
πŸ“¦
Netwin

Dmail

= 2.7
πŸ“¦
Netwin

Dmail

= 2.7q
πŸ“¦
Netwin

Dmail

= 2.7r
πŸ“¦
Netwin

Dmail

= 2.8e
πŸ“¦
Netwin

Dmail

= 2.8f
πŸ“¦
Netwin

Dmail

= 2.8g
πŸ“¦
Netwin

Dmail

= 2.8h
πŸ“¦
Netwin

Dmail

= 2.8i
πŸ“¦
Netwin

Surgeftp

= 1.0b
πŸ“¦
Netwin

Surgeftp

= 2.0a
πŸ“¦
Netwin

Surgeftp

= 2.0b

References & Advisories

πŸ”— http://online.securityfocus.com/archive/1/198293
πŸ”— http://www.securityfocus.com/bid/3077
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/6865
πŸ”— http://online.securityfocus.com/archive/1/198293
πŸ”— http://www.securityfocus.com/bid/3077
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/6865

Related Vulnerabilities

CVE-2000-049010.0

Buffer overflow in the NetWin DSMTP 2.7q in the NetWin dmail package allows remote attackers to execute arbitrary commands via a l...

CVE-2008-500510.0

Multiple stack-based buffer overflows in (1) University of Washington IMAP Toolkit 2002 through 2007c, (2) University of Washingto...

CVE-2005-14787.5

Format string vulnerability in dSMTP (dsmtp.exe) in DMail 3.1a allows remote attackers to execute arbitrary code via format string...

CVE-2005-15167.5

DList (dlist.exe) in DMail 3.1a allows remote attackers to bypass authentication, read log files, and shutdown the system via a se...