Lucene search
K

96 matches found

OSV
OSV
added 2018/07/17 12:0 a.m.2 views

UBUNTU-CVE-2018-14349

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a NO response without a message...

9.8CVSS7AI score0.03166EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2018/07/07 12:0 a.m.3 views

PT-2018-3296 · Mutt +5 · Mutt +5

Name of the Vulnerable Software and Affected Versions: Mutt versions prior to 1.10.1 NeoMutt versions prior to 2018-07-16 Description: The issue is related to errors in handling input data, which can be exploited by a remote attacker to execute arbitrary code. Specifically, the problem lies in th...

10CVSS7AI score0.09694EPSS
Exploits4References180
OSV
OSV
added 2018/06/19 11:42 p.m.6 views

MGASA-2018-0288 Updated roundcubemail packages fix security vulnerability

Updated roundcubemail package fixes security vulnerability: This update fixes a recently discovered IMAP command injection vulnerability caused by insufficient input validation within the archive plugin. CVE-2018-9846...

8.8CVSS9AI score0.02289EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/04/23 12:0 a.m.35 views

Fedora 27 : roundcubemail (2018-57fbdb1cb5)

Upstream announcement : Version 1.3.6 This is a security update to the stable version 1.3. It primarily fixes a recently discovered IMAP command injection vulnerability caused by insufficient input validation within the archive plugin. Details about the vulnerability are published under...

8.8CVSS7.9AI score0.02289EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/04/23 12:0 a.m.30 views

Fedora 26 : roundcubemail (2018-f6dc921a19)

Upstream announcement : Version 1.3.6 This is a security update to the stable version 1.3. It primarily fixes a recently discovered IMAP command injection vulnerability caused by insufficient input validation within the archive plugin. Details about the vulnerability are published under...

8.8CVSS7.9AI score0.02289EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2015/10/30 10:25 a.m.13 views

CVE-2006-2414

Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the 1 LIST or 2 DELETE IMAP command...

5CVSS7.3AI score0.0239EPSS
Exploits0References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Alt-N MDaemon 6.5.1 SMTP Server Multiple Command Remote Overflow

No description provided by source. source: http://www.securityfocus.com/bid/11238/info Alt-N MDaemon is reportedly prone to multiple remote buffer overflow vulnerabilities. The vulnerabilities are likely due to a failure of the application to properly validate buffer sizes when processing command...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/11/23 12:0 a.m.46 views

GroupWise Internet Agent < 8.0.2 HP1 Multiple Flaws

The version of GroupWise Internet Agent installed on the remote host is older than 8.0.2.11941 and hence affected by the following issues : - Multiple 'Content-Type' header parsing issues can result in arbitrary code execution on the remote system. ZDI-10-237 / ZDI-10-238 / ZDI-10-241 - Multiple...

10CVSS6.6AI score0.13586EPSS
Exploits1References22
Prion
Prion
added 2009/01/27 11:30 p.m.15 views

Stack overflow

Multiple buffer overflows in Ipswitch IMail before 2006.21 allow remote attackers or authenticated users to execute arbitrary code via 1 the authentication feature in IMailsec.dll, which triggers heap corruption in the IMail Server, or 2 a long SUBSCRIBE IMAP command, which triggers a stack-based...

9CVSS8.4AI score0.24455EPSS
Exploits6References3Affected Software1
NVD
NVD
added 2009/01/27 11:30 p.m.14 views

CVE-2007-2795

Multiple buffer overflows in Ipswitch IMail before 2006.21 allow remote attackers or authenticated users to execute arbitrary code via 1 the authentication feature in IMailsec.dll, which triggers heap corruption in the IMail Server, or 2 a long SUBSCRIBE IMAP command, which triggers a stack-based...

9CVSS8AI score0.24455EPSS
Exploits6References3
Cvelist
Cvelist
added 2009/01/27 11:0 p.m.37 views

CVE-2007-2795

Multiple buffer overflows in Ipswitch IMail before 2006.21 allow remote attackers or authenticated users to execute arbitrary code via 1 the authentication feature in IMailsec.dll, which triggers heap corruption in the IMail Server, or 2 a long SUBSCRIBE IMAP command, which triggers a stack-based...

8AI score0.24455EPSS
Exploits6References3
Tenable Nessus
Tenable Nessus
added 2008/08/16 12:0 a.m.189 views

hMailServer < 4.4.2 build 279 IMAP Command Handling Remote DoS

The remote host is running hMailServer, a mail server for Windows. By sending large amounts of data along with certain IMAP commands such as 'CREATE' or 'RENAME', an authenticated user may be able to crash the remote mail server. C Tenable Network Security, Inc. include"compat.inc"; if descriptio...

4.3CVSS5.5AI score0.02755EPSS
Exploits1References3
securityvulns
securityvulns
added 2008/03/21 12:0 a.m.36 views

SurgeMail buffer overflow

Buffer overflow in LSUB IMAP command...

3.2AI score
Exploits0References1
seebug.org
seebug.org
added 2007/03/22 12:0 a.m.11 views

Mercur Messaging 2005 SP3 IMAP Remote Exploit (egghunter mod)

No description provided by source. !/usr/bin/python Mercur Messaging 2005 SP3 IMAP service - Egghunter mod [email protected] http://www.offensive-security.com Original exploit by Winny Thomas Thanks Thomas, this code really came in handy ! VMWare seems to alter the stack a bit as the...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/03/21 12:0 a.m.22 views

Mercur Messaging 2005 &lt;= SP4 IMAP Remote Exploit (egghunter mod)

No description provided by source. !/usr/bin/python Mercur Messaging 2005 SP3 IMAP service - Egghunter mod [email protected] http://www.offensive-security.com Original exploit by Winny Thomas Thanks Thomas, this code really came in handy ! VMWare seems to alter the stack a bit as the...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2006/10/10 12:0 a.m.34 views

Hastymail 1.x - IMAP SMTP Command Injection

source: https://www.securityfocus.com/bid/20424/info Hastymail is prone to an IMAP / SMTP command-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An authenticated malicious user could execute arbitrary IMAP / SMTP commands on the affected mail server...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/07/05 12:0 a.m.34 views

CentOS 3 / 4 : squirrelmail (CESA-2006:0283)

An updated squirrelmail package that fixes three security and many other bug issues is now available. This update contains bug fixes of upstream squirrelmail 1.4.6 with some additional improvements to international language support. This update has been rated as having moderate security impact by...

5CVSS5.8AI score0.02296EPSS
Exploits1References9
NVD
NVD
added 2006/05/16 10:2 a.m.20 views

CVE-2006-2414

Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the 1 LIST or 2 DELETE IMAP command...

5CVSS6.4AI score0.0239EPSS
Exploits0References10
Prion
Prion
added 2006/05/16 10:2 a.m.13 views

Directory traversal

Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the 1 LIST or 2 DELETE IMAP command...

5CVSS6.7AI score0.0239EPSS
Exploits0References10Affected Software1
UbuntuCve
UbuntuCve
added 2006/05/16 10:2 a.m.15 views

CVE-2006-2414

Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the 1 LIST or 2 DELETE IMAP command...

5CVSS5.9AI score0.0239EPSS
Exploits0References1
Rows per page
Query Builder