Lucene search
+L

102 matches found

Tenable Nessus
Tenable Nessus
added 2018/07/25 12:0 a.m.24 views

Debian DLA-1443-1 : evolution-data-server security update

It was discovered that there was a protocol implementation error in evolution-data-server where 'STARTTLS not supported' errors from IMAP servers were ignored leading to the use of insecure connections without the user's knowledge or consent. For Debian 8 'Jessie', this issue has been fixed in...

5.4AI score
Exploits0References2
OSV
OSV
added 2017/10/31 9:29 p.m.5 views

ALPINE-CVE-2017-1000257

An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that non-existing data with a pointer and the size zero to the deliver-data function. libcurl's deliver-data function treats zero as a mag...

9.1CVSS7AI score0.06224EPSS
Exploits0References1
CNVD
CNVD
added 2017/10/25 12:0 a.m.1 views

cURL buffer overflow vulnerability (CNVD-2017-35204)

cURL is a file transfer tool that works at the command line using URL syntax. A buffer overflow vulnerability exists in cURL. By returning a specially crafted IMAP FETCH response, a remote user can trigger a buffer overrun in the IMAP handler and obtain potentially sensitive information from the...

9.1CVSS7.3AI score0.06224EPSS
Exploits0References1
OSV
OSV
added 2017/04/12 11:59 p.m.2 views

ALPINE-CVE-2017-7703

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-imap.c by calculating a line's end correctly...

7.5CVSS8.7AI score0.03284EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.9 views

The vulnerability of the Dovecot mail server, which allows a remote attacker to cause a service failure

The Dovecot software contains a bug in the implementation of the IMAP protocol /imap/cmd-append.c. A malicious actor can cause a service failure by using a specially crafted network packet with an incorrectly set “APPEND” parameter, thereby causing the software to enter an infinite loop...

5CVSS5.5AI score0.02427EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2012/04/13 8:55 p.m.11 views

CVE-2012-0036

curl and libcurl 7.2x before 7.24.0 do not properly consider special characters during extraction of a pathname from a URL, which allows remote attackers to conduct data-injection attacks via a crafted URL, as demonstrated by a CRLF injection attack on the 1 IMAP, 2 POP3, or 3 SMTP protocol...

7.5CVSS6.6AI score0.16723EPSS
Exploits0References15
Debian CVE
Debian CVE
added 2012/04/13 8:0 p.m.32 views

CVE-2012-0036

curl and libcurl 7.2x before 7.24.0 do not properly consider special characters during extraction of a pathname from a URL, which allows remote attackers to conduct data-injection attacks via a crafted URL, as demonstrated by a CRLF injection attack on the 1 IMAP, 2 POP3, or 3 SMTP protocol...

7.5CVSS7.1AI score0.16723EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2011/07/05 12:0 a.m.3 views

Ipswitch IMail Server List Mailer Reply-To Address Buffer Overflow

Ipswitch IMail server is a messaging service suite that supports numerous Internet standard electronic mail exchanging protocols. The IMail IMAP server is an implementation of the server side of the IMAP protocol. A Buffer overflow vulnerability has been reported in Ipswitch IMail Server List...

8AI score
Exploits0
Fedora
Fedora
added 2011/06/11 4:34 a.m.43 views

[SECURITY] Fedora 13 Update: cyrus-imapd-2.3.16-5.fc13

The cyrus-imapd package contains the core of the Cyrus IMAP server. It is a scaleable enterprise mail system designed for use from small to large enterprise environments using standards-based internet mail technologies. A full Cyrus IMAP implementation allows a seamless mail and bulletin board...

5.1CVSS0.9AI score0.03999EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2010/02/25 12:0 a.m.30 views

IBM Lotus Notes Attachment Viewer UUE File Handling Buffer Overflow (CVE-2005-2618)

Lotus Notes is a client-server collaborative software and email system provided by IBM. The Lotus Notes email client application is capable of communicating with email servers over the SMTP, POP and IMAP protocols. There exists a buffer overflow vulnerability in IBM Lotus Notes Attachment Viewer...

9.3CVSS7.8AI score0.07922EPSS
Exploits8
Check Point Advisories
Check Point Advisories
added 2009/11/09 12:0 a.m.39 views

Ipswitch IMail Server Imailsec.dll Heap Buffer Overflow (CVE-2007-2795)

Ipswitch IMail server is a messaging service suite that supports numerous Internet standard electronic mail exchanging protocols. The IMail IMAP server is a server-side implementation of the IMAP protocol. There exists a heap overflow vulnerability in Ipswitch IMail Server IMAP component. The...

9CVSS7.9AI score0.24455EPSS
Exploits6
Check Point Advisories
Check Point Advisories
added 2009/10/19 12:0 a.m.15 views

GNU Mailutils imap4d SEARCH Format String (CVE-2005-2878)

The Internet Message Access Protocol IMAP specifies a protocol for the access and manipulation of electronic mail. The protocol permits the manipulation of mailboxes on a remote server and allows a remote client, among other operations, to create, delete, or rename mailboxes on the server side. T...

7.5CVSS7.5AI score0.14567EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2009/10/08 12:0 a.m.13 views

GNU Mailutils imap4d Format String (CVE-2005-1523)

The Internet Message Access Protocol IMAP specifies a protocol for the access and manipulation of electronic mail. The protocol permits the manipulation of mailboxes on a remote server and allows a remote client, among other operations, to create, delete, or rename mailboxes on the server side. T...

7.5CVSS7.6AI score0.09782EPSS
Exploits0
myhack58
myhack58
added 2009/03/05 12:0 a.m.41 views

The use of injection techniques to attack the mail server and defenses(a)-vulnerability warning-the black bar safety net

This article will detail through the talk to mail server communication of a Web application, i.e., the webmail application to inject some mail protocolsIMAP and SMTP Protocolcommands to attack a mail server of the principles, methods and defenses. A Webmail application role Webmail app through IM...

8.8AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2007/04/11 12:0 a.m.26 views

Preemptive Protection against Mercury Mail IMAP Buffer Overflow Vulnerability

Multiple buffer overflow vulnerabilities exist in Mercury Mail Transport System. Mercury Mail Transport System is a free mail server program that supports various email access and exchange protocols, including the Internet Message Access Protocol IMAP. IMAP is a standard protocol for accessing...

10CVSS7.5AI score0.72459EPSS
Exploits8
Saint
Saint
added 2007/03/27 12:0 a.m.29 views

MERCUR imapd SUBSCRIBE command buffer overflow

Added: 03/27/2007 CVE: CVE-2007-1579 BID: 23050 OSVDB: 33546 Background MERCUR Messaging Server is an e-mail server supporting the SMTP, POP3, and IMAP protocols for Windows platforms. Problem A buffer overflow vulnerability allows remote, authenticated attackers to execute arbitrary commands by...

10CVSS7.5AI score0.56209EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2006/03/12 12:0 a.m.38 views

SquirrelMail: Cross-site scripting and IMAP command injection

Background SquirrelMail is a webmail package written in PHP. It supports IMAP and SMTP protocols. Description SquirrelMail does not validate the rightframe parameter in webmail.php, possibly allowing frame replacement or cross-site scripting CVE-2006-0188. Martijn Brinkers and Scott Hughes...

5CVSS7.1AI score0.02296EPSS
Exploits1
Cent OS
Cent OS
added 2005/12/06 4:20 p.m.74 views

imap security update

CentOS Errata and Security Advisory CESA-2005:850 An updated imap package that fixes a buffer overflow issue is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The imap package provides server daemons for both the IMAP Internet...

7.5CVSS6.1AI score0.08464EPSS
Exploits0References9
exploitpack
exploitpack
added 2005/11/16 12:0 a.m.32 views

FTGate4 Groupware Mail Server 4.1 - imapd Remote Buffer Overflow (PoC)

FTGate4 Groupware Mail Server 4.1 - imapd Remote Buffer Overflow PoC !/usr/bin/perl use IO::Socket; print "\nFTGate Imapd BufferOverrun\nLuca Ercoli [email protected]\n"; print "http://www.lucaercoli.it\n\n\n"; $host = "localhost"; $remote = IO::Socket::INET-new Proto = "tcp", PeerAddr = $host,...

1AI score
Exploits0
seebug.org
seebug.org
added 2005/11/16 12:0 a.m.11 views

FTGate4 Groupware Mail Server 4.1 (imapd) Remote Buffer Overflow PoC

No description provided by source. !/usr/bin/perl use IO::Socket; print "\nFTGate Imapd BufferOverrun\nLuca Ercoli [email protected]\n"; print "http://www.lucaercoli.it\n\n\n"; $host = "localhost"; $remote = IO::Socket::INET-new Proto = "tcp", PeerAddr = $host, PeerPort = "143", ; unless $remote...

7.1AI score
Exploits0
Rows per page
Query Builder