John Cartwright

**Name of the Vulnerable Software and Affected Versions** HP Radia Notify Daemon versions 2.x through 4.x HP Radia Notify Daemon version 3.1.2.0 **Description** The issue is related to multiple stack-based buffer overflows in the `nvd exec` function. This allows remote attackers to execute arbitrary code via a command with crafted parameters to a `RADEXECD` process. **Recommendations** For HP Radia Notify Daemon versions 2.x through 4.x, update to a version that fixes the buffer overflow issue in the `nvd exec` function. For HP Radia Notify Daemon version 3.1.2.0, update to a version that fixes the buffer overflow issue in the `nvd exec` function. As a temporary workaround, consider restricting access to the `RADEXECD` process to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** HP Radia Notify Daemon versions 2.x through 4.x **Description** A buffer overflow issue allows remote attackers to execute arbitrary code via a long file extension. **Recommendations** For versions 2.x through 4.x, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** popclient version 3.0b6 **Description** The issue is caused by an off-by-one error in the POP3 readmsg function, allowing remote attackers to cause a denial of service, resulting in an application crash. This is achieved by sending an e-mail message with a specific line length, which leads to a buffer overflow. **Recommendations** For popclient version 3.0b6, consider applying a patch or fix to address the off-by-one error in the POP3 readmsg function to prevent the buffer overflow and subsequent denial of service.