PT-2026-34010

FreeScout is a free self-hosted help desk and shared mailbox. Versions prior to 1.8.213 have a Server-Side Request Forgery SSRF vulnerability in the IMAP/SMTP connection test functionality of FreeScout's MailboxesController. Three AJAX actions fetch test line 731, send test line 682, and imap...

EUVD-2020-7924

Malware in sbrugna...

EUVD-2020-17375

Malware in sbrugna...

CVE-2023-26562

In Zimbra Collaboration ZCS 8.8.15 and 9.0, a closed account with 2FA and generated passwords can send e-mail messages when configured for Imap/smtp...

Design/Logic Flaw

In Zimbra Collaboration ZCS 8.8.15 and 9.0, a closed account with 2FA and generated passwords can send e-mail messages when configured for Imap/smtp...

OTRS Trust Management Issue Vulnerability

OTRS is an application from OTRS Germany. A service management software. A security vulnerability exists in OTRS versions prior to 7.0.47, 8.0.37, and OTRS Community Edition versions 6.0.X through 6.0.34, which arises from the ability to obtain email via POP3 or IMAP and send email via SMTP using...

MGASA-2020-0366 Updated libetpan packages fix a security vulnerability

LibEtPan through 1.9.4, as used in MailCore 2 through 0.6.3 and other products, has a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data e.g., from a meddler-in-the-middle attacker and evaluates it in a TLS...

CVE-2020-15953

LibEtPan through 1.9.4, as used in MailCore 2 through 0.6.3 and other products, has a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data e.g., from a meddler-in-the-middle attacker and evaluates it in a TLS...

CVE-2020-15953

LibEtPan through 1.9.4, as used in MailCore 2 through 0.6.3 and other products, has a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data e.g., from a meddler-in-the-middle attacker and evaluates it in a TLS...

OPENSUSE-SU-2020:0915-1 Security update for mutt

This update for mutt fixes the following issues: - CVE-2020-14954: Fixed a response injection due to a STARTTLS buffering issue which was affecting IMAP, SMTP, and POP3 bsc1173197. - CVE-2020-14093: Fixed a potential IMAP Man-in-the-Middle attack via a PREAUTH response bsc1172906, bsc1172935. -...

OPENSUSE-SU-2020:0231-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: - Mozilla Thunderbird 68.5 bsc1162777 MFSA 2020-07 bsc1163368 CVE-2020-6793 bmo1608539 Out-of-bounds read when processing certain email messages CVE-2020-6794 bmo1606619 Setting a master password post-Thunderbird 52 does not delete...

SUSE-SU-2020:0385-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: - Mozilla Thunderbird 68.5 bsc1162777 MFSA 2020-07 bsc1163368 CVE-2020-6793 bmo1608539 Out-of-bounds read when processing certain email messages CVE-2020-6794 bmo1606619 Setting a master password post-Thunderbird 52 does not delete...

CVE-2012-2993

Microsoft Windows Phone 7 does not verify the domain name in the subject's Common Name CN field of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL server for the 1 POP3, 2 IMAP, or 3 SMTP protocol via an arbitrary valid certificate...

hastymail2 webmail 1.1 rc2 - Persistent Cross-Site Scripting

!/usr/bin/python ''' Exploit Title: Hastymail2 Webmail Stored XSS Date: 17/08/2012 Exploit Author: Shai rod @NightRang3r Vendor Homepage: http://www.hastymail.org Software Link: http://sourceforge.net/projects/hastymail/files/latest/download Version: 1.1 RC2 Gr33Tz: @aviadgolan , @benhayak,...

Fedora Update for squirrelmail FEDORA-2008-9071

Check for the Version of squirrelmail OpenVAS Vulnerability Test Fedora Update for squirrelmail FEDORA-2008-9071 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

ISAA-2006-011.txt

============================================= INTERNET SECURITY AUDITORS ALERT 2006-011 - Original release date: September 28, 2006 - Last revised: December 1, 2006 - Discovered by: Vicente Aguilera Diaz - Severity: 3/5 ============================================= I. VULNERABILITY...

SquirrelFlaws.txt

============================================= INTERNET SECURITY AUDITORS ALERT 2006-002 - Original release date: February 27, 2006 - Last revised: February 27, 2006 - Discovered by: Vicente Aguilera Diaz - Severity: 3/5 ============================================= I. VULNERABILITY...