Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mageiaGentoo FoundationMGASA-2015-0400
HistoryOct 14, 2015 - 11:28 p.m.

Updated roundcubemail package fixes security vulnerabilities

2015-10-1423:28:21
Gentoo Foundation
advisories.mageia.org
9

0.003 Low

EPSS

Percentile

69.9%

JSON

Multiple security issues in the DBMail driver for the password plugin, including buffer overflows (CVE-2015-2181) and the ability for a remote attacker to execute arbitrary shell commands as root (CVE-2015-2180). An authenticated user can download arbitrary files from the web server that the web server process has read access to, by uploading a vCard with a specially crafted POST (CVE-2015-5382). The roundcubemail package has been updated to version 1.0.6, fixing these issues and several other bugs, however the installer is currently known to be broken.

OSVersionArchitecturePackageVersionFilename
Mageia5noarchroundcubemail< 1.0.6-1.1roundcubemail-1.0.6-1.1.mga5

Related

openvas 7
nessus 10
cve 3
ubuntucve 3
prion 3
cvelist 3
debiancve 3
suse 1
fedora 5
mageia 1
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0400)
2015-10-15 00:00:00
openSUSE: Security Advisory for roundcubemail (openSUSE-SU-2016:3038-1)
2016-12-08 00:00:00
Roundcube Webmail < 1.0.6, 1.1.x < 1.1.2 Multiple Vulnerabilities
2017-05-30 00:00:00
nessus
nessus
openSUSE Security Update : roundcubemail (openSUSE-2015-490)
2015-07-15 00:00:00
openSUSE Security Update : roundcubemail (openSUSE-2016-1011)
2016-08-23 00:00:00
openSUSE Security Update : roundcubemail (openSUSE-2016-996)
2016-08-22 00:00:00
cve
cve
CVE-2015-5382
2017-05-23 04:29:00
CVE-2015-2181
2017-01-30 22:59:00
CVE-2015-2180
2017-01-30 22:59:00
ubuntucve
ubuntucve
CVE-2015-5382
2017-05-23 00:00:00
CVE-2015-2181
2017-01-30 00:00:00
CVE-2015-2180
2017-01-30 00:00:00
prion
prion
Code injection
2017-05-23 04:29:00
Buffer overflow
2017-01-30 22:59:00
Default credentials
2017-01-30 22:59:00
cvelist
cvelist
CVE-2015-5382
2017-05-23 03:56:00
CVE-2015-2181
2017-01-30 22:00:00
CVE-2015-2180
2017-01-30 22:00:00
debiancve
debiancve
CVE-2015-5382
2017-05-23 04:29:00
CVE-2015-2181
2017-01-30 22:59:00
CVE-2015-2180
2017-01-30 22:59:00
suse
suse
Security update for roundcubemail (important)
2016-12-07 15:11:46
fedora
fedora
[SECURITY] Fedora 22 Update: roundcubemail-1.1.2-1.fc22
2015-07-29 01:46:24
[SECURITY] Fedora 22 Update: roundcubemail-1.1.5-1.fc22
2016-05-01 00:23:45
[SECURITY] Fedora 23 Update: roundcubemail-1.1.5-1.fc23
2016-04-30 23:54:17
mageia
mageia
Updated roundcubemail packages fix security vulnerabilities
2016-04-29 20:21:35

0.003 Low

EPSS

Percentile

69.9%

JSON
Related for MGASA-2015-0400
openvas7nessus10cve3ubuntucve3prion3cvelist3debiancve3suse1fedora5mageia1