96 matches found
UBUNTU-CVE-2018-14349
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a NO response without a message...
PT-2018-3296 · Mutt +5 · Mutt +5
Name of the Vulnerable Software and Affected Versions: Mutt versions prior to 1.10.1 NeoMutt versions prior to 2018-07-16 Description: The issue is related to errors in handling input data, which can be exploited by a remote attacker to execute arbitrary code. Specifically, the problem lies in th...
MGASA-2018-0288 Updated roundcubemail packages fix security vulnerability
Updated roundcubemail package fixes security vulnerability: This update fixes a recently discovered IMAP command injection vulnerability caused by insufficient input validation within the archive plugin. CVE-2018-9846...
Fedora 27 : roundcubemail (2018-57fbdb1cb5)
Upstream announcement : Version 1.3.6 This is a security update to the stable version 1.3. It primarily fixes a recently discovered IMAP command injection vulnerability caused by insufficient input validation within the archive plugin. Details about the vulnerability are published under...
Fedora 26 : roundcubemail (2018-f6dc921a19)
Upstream announcement : Version 1.3.6 This is a security update to the stable version 1.3. It primarily fixes a recently discovered IMAP command injection vulnerability caused by insufficient input validation within the archive plugin. Details about the vulnerability are published under...
CVE-2006-2414
Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the 1 LIST or 2 DELETE IMAP command...
Alt-N MDaemon 6.5.1 SMTP Server Multiple Command Remote Overflow
No description provided by source. source: http://www.securityfocus.com/bid/11238/info Alt-N MDaemon is reportedly prone to multiple remote buffer overflow vulnerabilities. The vulnerabilities are likely due to a failure of the application to properly validate buffer sizes when processing command...
GroupWise Internet Agent < 8.0.2 HP1 Multiple Flaws
The version of GroupWise Internet Agent installed on the remote host is older than 8.0.2.11941 and hence affected by the following issues : - Multiple 'Content-Type' header parsing issues can result in arbitrary code execution on the remote system. ZDI-10-237 / ZDI-10-238 / ZDI-10-241 - Multiple...
Stack overflow
Multiple buffer overflows in Ipswitch IMail before 2006.21 allow remote attackers or authenticated users to execute arbitrary code via 1 the authentication feature in IMailsec.dll, which triggers heap corruption in the IMail Server, or 2 a long SUBSCRIBE IMAP command, which triggers a stack-based...
CVE-2007-2795
Multiple buffer overflows in Ipswitch IMail before 2006.21 allow remote attackers or authenticated users to execute arbitrary code via 1 the authentication feature in IMailsec.dll, which triggers heap corruption in the IMail Server, or 2 a long SUBSCRIBE IMAP command, which triggers a stack-based...
CVE-2007-2795
Multiple buffer overflows in Ipswitch IMail before 2006.21 allow remote attackers or authenticated users to execute arbitrary code via 1 the authentication feature in IMailsec.dll, which triggers heap corruption in the IMail Server, or 2 a long SUBSCRIBE IMAP command, which triggers a stack-based...
hMailServer < 4.4.2 build 279 IMAP Command Handling Remote DoS
The remote host is running hMailServer, a mail server for Windows. By sending large amounts of data along with certain IMAP commands such as 'CREATE' or 'RENAME', an authenticated user may be able to crash the remote mail server. C Tenable Network Security, Inc. include"compat.inc"; if descriptio...
SurgeMail buffer overflow
Buffer overflow in LSUB IMAP command...
Mercur Messaging 2005 SP3 IMAP Remote Exploit (egghunter mod)
No description provided by source. !/usr/bin/python Mercur Messaging 2005 SP3 IMAP service - Egghunter mod [email protected] http://www.offensive-security.com Original exploit by Winny Thomas Thanks Thomas, this code really came in handy ! VMWare seems to alter the stack a bit as the...
Mercur Messaging 2005 <= SP4 IMAP Remote Exploit (egghunter mod)
No description provided by source. !/usr/bin/python Mercur Messaging 2005 SP3 IMAP service - Egghunter mod [email protected] http://www.offensive-security.com Original exploit by Winny Thomas Thanks Thomas, this code really came in handy ! VMWare seems to alter the stack a bit as the...
Hastymail 1.x - IMAP SMTP Command Injection
source: https://www.securityfocus.com/bid/20424/info Hastymail is prone to an IMAP / SMTP command-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An authenticated malicious user could execute arbitrary IMAP / SMTP commands on the affected mail server...
CentOS 3 / 4 : squirrelmail (CESA-2006:0283)
An updated squirrelmail package that fixes three security and many other bug issues is now available. This update contains bug fixes of upstream squirrelmail 1.4.6 with some additional improvements to international language support. This update has been rated as having moderate security impact by...
CVE-2006-2414
Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the 1 LIST or 2 DELETE IMAP command...
Directory traversal
Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the 1 LIST or 2 DELETE IMAP command...
CVE-2006-2414
Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the 1 LIST or 2 DELETE IMAP command...