Lucene search

K
ubuntucveUbuntu.comUB:CVE-2006-0377
HistoryFeb 24, 2006 - 12:00 a.m.

CVE-2006-0377

2006-02-2400:00:00
ubuntu.com
ubuntu.com
11

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

EPSS

0.008

Percentile

81.4%

CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows remote
attackers to inject arbitrary IMAP commands via newline characters in the
mailbox parameter of the sqimap_mailbox_select command, aka “IMAP
injection.”

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchsquirrelmail< 1.4.6-1ubuntu0.1UNKNOWN
ubuntu6.10noarchsquirrelmail< 1.4.8-1ubuntu0.1UNKNOWN
ubuntu7.04noarchsquirrelmail< 1.4.9a-1ubuntu0.1UNKNOWN

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

EPSS

0.008

Percentile

81.4%