返回 CVE 瀏覽器

CVE-2001-1355

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1790%

EPSS Percentile11.04th

Published2001年7月20日

Last Modified2026年4月16日

Vulnerability Description

Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and earlier, as implemented in DMail, SurgeFTP, and possibly other packages, could allow attackers to execute arbitrary code via long arguments to (1) the -del command or (2) the -lookup command.

Affected Platforms (CPE)

📦

Netwin

Dmail

= 2.5d

📦

Netwin

Dmail

= 2.7

📦

Netwin

Dmail

= 2.7q

📦

Netwin

Dmail

= 2.7r

📦

Netwin

Dmail

= 2.8e

📦

Netwin

Dmail

= 2.8f

📦

Netwin

Dmail

= 2.8g

📦

Netwin

Dmail

= 2.8h

📦

Netwin

Dmail

= 2.8i

📦

Netwin

Surgeftp

= 1.0b

📦

Netwin

Surgeftp

= 2.0a

📦

Netwin

Surgeftp

= 2.0b

References & Advisories

🔗 http://online.securityfocus.com/archive/1/198293

🔗 http://www.securityfocus.com/bid/3077

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/6865

🔗 http://online.securityfocus.com/archive/1/198293

🔗 http://www.securityfocus.com/bid/3077

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/6865

相關漏洞威脅

CVE-2000-049010.0

Buffer overflow in the NetWin DSMTP 2.7q in the NetWin dmail package allows remote attackers to execute arbitrary commands via a l...

CVE-2008-500510.0

Multiple stack-based buffer overflows in (1) University of Washington IMAP Toolkit 2002 through 2007c, (2) University of Washingto...

CVE-2005-14787.5

Format string vulnerability in dSMTP (dsmtp.exe) in DMail 3.1a allows remote attackers to execute arbitrary code via format string...

CVE-2005-15167.5

DList (dlist.exe) in DMail 3.1a allows remote attackers to bypass authentication, read log files, and shutdown the system via a se...