Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:10835
HistoryJan 15, 2019 - 8:52 a.m.

Denial Of Service

2019-01-1508:52:47
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

JSON

SquirrelMail is vulnerable to denial of service attack.For log in attempts with 8-bit character passwords, the library creates user preference file even if the user name is invalid. Using this flaw, an attacker can exhaust memory in server by making many invalid IMAP log in attempts with different user names, leading to denial of service. The vulnerability is a result of incorrect fix for CVE-2010-2813.

Related

nessus 12
oraclelinux 2
openvas 23
redhat 2
cve 2
ubuntucve 2
prion 2
centos 2
osv 1
veracode 1
fedora 2
securityvulns 4
debian 1
nessus
nessus
RHEL 5 : squirrelmail (RHSA-2013:0126)
2013-01-08 00:00:00
Oracle Linux 5 : squirrelmail (ELSA-2013-0126)
2013-07-12 00:00:00
CentOS 5 : squirrelmail (CESA-2013:0126)
2013-01-17 00:00:00
oraclelinux
oraclelinux
squirrelmail security and bug fix update
2013-01-11 00:00:00
squirrelmail security update
2012-02-08 00:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2013-0126)
2015-10-06 00:00:00
CentOS Update for squirrelmail CESA-2013:0126 centos5
2013-01-21 00:00:00
RedHat Update for squirrelmail RHSA-2013:0126-01
2013-01-11 00:00:00
redhat
redhat
(RHSA-2013:0126) Low: squirrelmail security and bug fix update
2013-01-08 00:00:00
(RHSA-2012:0103) Moderate: squirrelmail security update
2012-02-08 00:00:00
cve
cve
CVE-2012-2124
2013-01-18 11:48:00
CVE-2010-2813
2010-08-19 18:00:00
ubuntucve
ubuntucve
CVE-2010-2813
2010-08-19 00:00:00
CVE-2012-2124
2013-01-18 00:00:00
prion
prion
Design/Logic Flaw
2013-01-18 11:48:00
Design/Logic Flaw
2010-08-19 18:00:00
centos
centos
squirrelmail security update
2013-01-09 20:54:52
squirrelmail security update
2012-02-08 20:29:14
osv
osv
squirrelmail - cross-site request forgery
2010-08-12 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:06:28
fedora
fedora
[SECURITY] Fedora 13 Update: squirrelmail-1.4.21-1.fc13
2010-08-12 04:11:47
[SECURITY] Fedora 12 Update: squirrelmail-1.4.21-1.fc12
2010-08-12 04:08:08
securityvulns
securityvulns
[SECURITY] [DSA 2091-1] New squirrelmail packages fix cross-site request forgery
2010-08-14 00:00:00
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2010-08-14 00:00:00
Apple OS X multiple security vulnerabilities
2012-02-03 00:00:00
debian
debian
[SECURITY] [DSA 2091-1] New squirrelmail packages fix cross-site request forgery
2010-08-12 20:20:02

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

JSON
Related for VERACODE:10835
nessus12oraclelinux2openvas23redhat2cve2ubuntucve2prion2centos2osv1veracode1fedora2securityvulns4debian1