Lucene search
K

170 matches found

Check Point Advisories
Check Point Advisories
added 2009/10/19 12:0 a.m.14 views

GNU Mailutils imap4d SEARCH Format String (CVE-2005-2878)

The Internet Message Access Protocol IMAP specifies a protocol for the access and manipulation of electronic mail. The protocol permits the manipulation of mailboxes on a remote server and allows a remote client, among other operations, to create, delete, or rename mailboxes on the server side. T...

7.5CVSS7.5AI score0.14567EPSS
Exploits1
myhack58
myhack58
added 2009/01/13 12:0 a.m.23 views

The use of the hamster hijacking Gmail(sidejacking)-vulnerability warning-the black bar safety net

4 month released, the software DESCRIPTION is tempting: "The black hat of the General Assembly after the outgoing of a tool to Ferret it. The author claims that you can use him to intercept mail login process the cookie information. Then you can feel free to invade the others mailbox. Worked at t...

7.2AI score
Exploits0
OSV
OSV
added 2008/10/15 8:8 p.m.2 views

DEBIAN-CVE-2008-4578

The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes...

5CVSS6.5AI score0.01679EPSS
Exploits0References1
OSV
OSV
added 2008/10/15 8:8 p.m.7 views

CVE-2008-4578

The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes...

6.2AI score
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2008/10/15 8:8 p.m.1 views

CVE-2008-4578

The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes...

5CVSS5.5AI score0.01679EPSS
Exploits0References11
Debian CVE
Debian CVE
added 2008/10/15 8:0 p.m.28 views

CVE-2008-4578

The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes...

5CVSS6.3AI score0.01679EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2008/05/20 2:28 p.m.6 views

Directory traversal in dovecot with zlib plugin

Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped .gz mailboxes mbox files via a .. dot dot sequence in the mailbox name...

4.3CVSS6AI score0.02123EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.16 views

Debian: Security Advisory (DSA-197)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.6CVSS7.2AI score0.0034EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2007/11/13 11:0 p.m.18 views

CVE-2007-5794

Race condition in nssldap, when used in applications that are linked against the pthread library and fork after a call to nssldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong...

4.3CVSS6.2AI score0.01164EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.6 views

openSUSE 10 Security Update : dovecot (dovecot-3135)

A bug in dovecot allowed users to read compressed mailboxes of other users under certain circumstances. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update dovecot-3135. The text description of th...

5.4AI score
Exploits0
UbuntuCve
UbuntuCve
added 2007/04/25 3:19 p.m.22 views

CVE-2007-2231

Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped .gz mailboxes mbox files via a .. dot dot sequence in the mailbox name...

4.3CVSS6.1AI score0.02123EPSS
Exploits0References2
Prion
Prion
added 2007/04/25 3:19 p.m.21 views

Directory traversal

Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped .gz mailboxes mbox files via a .. dot dot sequence in the mailbox name...

4.3CVSS6.5AI score0.02123EPSS
Exploits0References14Affected Software1
NVD
NVD
added 2007/04/25 3:19 p.m.14 views

CVE-2007-2231

Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped .gz mailboxes mbox files via a .. dot dot sequence in the mailbox name...

4.3CVSS6.4AI score0.02123EPSS
Exploits0References14
OSV
OSV
added 2007/04/25 3:19 p.m.10 views

CVE-2007-2231

Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped .gz mailboxes mbox files via a .. dot dot sequence in the mailbox name...

6.4AI score
Exploits0References14
Cvelist
Cvelist
added 2007/04/25 3:0 p.m.37 views

CVE-2007-2231

Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped .gz mailboxes mbox files via a .. dot dot sequence in the mailbox name...

6.3AI score0.02123EPSS
Exploits0References14
Debian CVE
Debian CVE
added 2007/04/25 3:0 p.m.33 views

CVE-2007-2231

Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped .gz mailboxes mbox files via a .. dot dot sequence in the mailbox name...

4.3CVSS6.3AI score0.02123EPSS
Exploits0
NVD
NVD
added 2007/04/02 11:19 p.m.17 views

CVE-2007-1823

T-Mobile voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling Number Identification CNID, aka Caller ID...

10CVSS6.7AI score0.01975EPSS
Exploits0References2
Cvelist
Cvelist
added 2007/04/02 11:0 p.m.26 views

CVE-2007-1822

Alcatel-Lucent Lucent Technologies voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling Number Identification CNID, aka Caller ID...

6.7AI score0.03058EPSS
Exploits0References2
CVE
CVE
added 2007/04/02 11:0 p.m.52 views

CVE-2007-1823

CVE-2007-1823 affects T-Mobile voice mail systems, where remote attackers can retrieve or remove messages or reconfigure mailboxes by spoofing CNID (Caller ID). The vulnerability stems from CNID-based authentication allowing remote abuse, leading to complete confidentiality, integrity, and availa...

10CVSS6.7AI score0.01975EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2007/04/02 11:0 p.m.27 views

CVE-2007-1823

T-Mobile voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling Number Identification CNID, aka Caller ID...

6.7AI score0.01975EPSS
Exploits0References2
Rows per page
Query Builder