Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:24825
HistoryApr 10, 2020 - 1:06 a.m.

Denial Of Service (DoS)

2020-04-1001:06:28
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

squirrelmail is vulnerable to denial of service (DoS). The vulnerability exists as a flaw was found in the way SquirrelMail handled failed log in attempts. A user preference file was created when attempting to log in with a password containing an 8-bit character, even if the username was not valid. A remote attacker could use this flaw to eventually consume all hard disk space on the target SquirrelMail server.

References

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

Related for VERACODE:24825