Vulnerabilities > Double Precision Incorporated > Courier MTA > 0.37.3

DATE CVE VULNERABILITY TITLE RISK
2006-05-30 CVE-2006-2659 Remote Denial Of Service vulnerability in Courier Mail Server Username Encoding
libs/comverp.c in Courier MTA before 0.53.2 allows attackers to cause a denial of service (CPU consumption) via unknown vectors involving usernames that contain the "=" (equals) character, which is not properly handled during encoding.
network
low complexity
double-precision-incorporated
7.8
2003-02-19 CVE-2003-0040 SQL Injection vulnerability in Courier-IMAP Username
SQL injection vulnerability in the PostgreSQL auth module for courier 0.40 and earlier allows remote attackers to execute SQL code via the user name.
network
low complexity
double-precision-incorporated inter7
7.5
2002-11-29 CVE-2002-1311 Unspecified vulnerability in Double Precision Incorporated Courier MTA 0.37.3/0.40
Courier sqwebmail before 0.40.0 does not quickly drop privileges after startup in certain cases, which could allow local users to read arbitrary files.
local
low complexity
double-precision-incorporated
4.6