Thomas Hauck Jana Server 1.4.6 and previous versions allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a large message index value in a (1) RETR or (2) DELE command to the POP3 server, which exceeds the array limits and allows a buffer overflow attack.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
t. hauck jana web server 1.0 |
||
t. hauck jana web server 1.45 |
||
t. hauck jana web server 1.46 |
||
t. hauck jana web server 2.0 |
||
t. hauck jana web server 2.0_beta2 |
||
t. hauck jana web server 2.0_beta1 |
||
t. hauck jana web server 2.2.1 |