HOMEVULNERABILITIESVENDORSSeattle Lab Software

Seattle Lab SoftwareCVEs & Vulnerabilities

12 CVEs affecting Seattle Lab Software products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

slmail pro 19slmail 4emurl 2slnet rf telnet server 1
CVE-2008-1689MEDIUM

Stack consumption vulnerability in WebContainer.exe 1.0.0.336 and earlier in SLMail Pro 6.3.1.0 and earlier allows remote attackers to cause a denial of service (daemon crash) via a long request header in an HTTP request to TCP port 801. NOTE: some of these details are obtained from third party information.

7 Apr 2008
5.0
CVSS
CVE-2008-1691MEDIUM

Unspecified vulnerability in SLMail.exe in SLMail Pro 6.3.1.0 and earlier allows remote attackers to cause a denial of service (UDP service outage) via a large packet to UDP port 54. NOTE: some of these details are obtained from third party information.

7 Apr 2008
5.0
CVSS
CVE-2008-1690CRITICALpoc

WebContainer.exe 1.0.0.336 and earlier in SLMail Pro 6.3.1.0 and earlier allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a long URI in HTTP requests to TCP port 801. NOTE: some of these details are obtained from third party information.

7 Apr 2008
10.0
CVSS
CVE-2008-0152MEDIUM

SLnet.exe in SeattleLab SLNet RF Telnet Server 4.1.1.3758 and earlier allows user-assisted remote attackers to cause a denial of service (crash) via unspecified telnet options, which triggers a NULL pointer dereference. NOTE: the crash is not user-assisted when the server is running in debug mode.

9 Jan 2008
4.3
CVSS
CVE-2004-0356CRITICAL

Stack-based buffer overflow in Supervisor Report Center in SL Mail Pro 2.0.9 and earlier allows remote attackers to execute arbitrary code via an HTTP request with a long HTTP sub-version.

23 Nov 2004
10.0
CVSS
CVE-2004-0357CRITICAL

Stack-based buffer overflows in SL Mail Pro 2.0.9 allow remote attackers to execute arbitrary code via (1) user.dll, (2) loadpageadmin.dll or (3) loadpageuser.dll.

23 Nov 2004
10.0
CVSS
CVE-2003-0264HIGHpoc

Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers to execute arbitrary code via (1) a long EHLO argument to slmail.exe, (2) a long XTRN argument to slmail.exe, (3) a long string to POPPASSWD, or (4) a long password to the POP3 server.

27 May 2003
7.5
CVSS
CVE-2000-0397MEDIUMpoc

The EMURL web-based email account software encodes predictable identifiers in user session URLs, which allows a remote attacker to access a user's email account.

15 May 2000
5.0
CVSS
CVE-1999-1017HIGH

Seattle Labs Emurl 2.0, and possibly earlier versions, stores e-mail attachments in a specific directory with scripting enabled, which allows a malicious ASP file attachment to execute when the recipient opens the message.

28 Jul 1999
7.5
CVSS
CVE-1999-0380MEDIUM

SLMail 3.1 and 3.2 allows local users to access any file in the NTFS file system when the Remote Administration Service (RAS) is enabled by setting a user's Finger File to point to the target file, then running finger on the user.

25 Feb 1999
4.6
CVSS
CVE-1999-0231MEDIUM

Buffer overflow in IP-Switch IMail and Seattle Labs Slmail 2.6 packages using a long VRFY command, causing a denial of service and possibly remote access.

1 Jan 1999
5.0
CVSS
CVE-1999-0102HIGH

Buffer overflow in SLmail 3.x allows attackers to execute commands using a large FROM line.

9 Jul 1998
7.5
CVSS
← PrevPage 1 / 1Next →