exploit the possibilities
Showing 1 - 25 of 413 RSS Feed

IMAP Files

Red Hat Security Advisory 2020-3736-01
Posted Sep 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3736-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include a resource exhaustion vulnerability.

tags | advisory, imap
systems | linux, redhat, unix
advisories | CVE-2020-12100, CVE-2020-12673, CVE-2020-12674
MD5 | 3e3c00406687bdd7544bee5ae76b9d62
Red Hat Security Advisory 2020-3735-01
Posted Sep 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3735-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include a resource exhaustion vulnerability.

tags | advisory, imap
systems | linux, redhat, unix
advisories | CVE-2020-12100, CVE-2020-12673, CVE-2020-12674
MD5 | b7913dbe9054d87ddd3386a326e526fa
Red Hat Security Advisory 2020-3713-01
Posted Sep 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3713-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include a resource exhaustion vulnerability.

tags | advisory, imap
systems | linux, redhat, unix
advisories | CVE-2020-12100, CVE-2020-12673, CVE-2020-12674
MD5 | a1345c86b05742f8a013f28048e4fc0d
Red Hat Security Advisory 2020-3617-01
Posted Sep 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3617-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include a resource exhaustion vulnerability.

tags | advisory, imap
systems | linux, redhat, unix
advisories | CVE-2020-12100, CVE-2020-12673, CVE-2020-12674
MD5 | 1a75e2e2a4466de0bd08ae5835cebf26
Hydra Network Logon Cracker 9.1
Posted Jul 29, 2020
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Enabled gcc 10 support for xhydra. Fixed crash in MD5 auth for rtsp. New module for smb2 which also supports smb3. Various other updates.
tags | tool, web, cracker, imap
systems | cisco, unix
MD5 | 7a2f54980ce44aff0cc047fb75751dba
Red Hat Security Advisory 2020-2901-01
Posted Jul 13, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2901-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, imap
systems | linux, redhat, unix
advisories | CVE-2020-10957
MD5 | 21d777f3bc6838dd0098fc1444797ad7
Ubuntu Security Notice USN-4421-1
Posted Jul 8, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4421-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. It was discovered that Thunderbird would continue an unencrypted connection when configured to use STARTTLS for IMAP if the server responded with PREAUTH. A remote attacker could potentially exploit this to perform a person-in-the-middle attack in order to obtain sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, imap
systems | linux, ubuntu
advisories | CVE-2020-12398, CVE-2020-12399, CVE-2020-12406, CVE-2020-12410, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421
MD5 | 326f5ebac4547f863a712734770a0ae2
Gentoo Linux Security Advisory 202006-23
Posted Jun 16, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202006-23 - An error in Cyrus IMAP Server allows mailboxes to be created with administrative privileges. Versions less than 3.0.13 are affected.

tags | advisory, imap
systems | linux, gentoo
advisories | CVE-2019-19783
MD5 | 731c0d4be89af29f3f0f61f4a20aded5
Red Hat Security Advisory 2020-1062-01
Posted Apr 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1062-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, imap
systems | linux, redhat, unix
advisories | CVE-2019-3814, CVE-2019-7524
MD5 | b495176cea01fcafee9f3f3caa7d8773
Red Hat Security Advisory 2020-1126-01
Posted Apr 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1126-01 - Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP. Issues addressed include a traversal vulnerability.

tags | advisory, imap, protocol
systems | linux, redhat
advisories | CVE-2018-14355
MD5 | 2cf97b94c0cb1509e64e6aed9dc09042
Debian Security Advisory 4590-1
Posted Dec 21, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4590-1 - It was discovered that the lmtpd component of the Cyrus IMAP server created mailboxes with administrator privileges if the "fileinto" was used, bypassing ACL checks.

tags | advisory, imap
systems | linux, debian
advisories | CVE-2019-19783
MD5 | dd9baec1afef5fa61c6c4d7dd4b9d8f5
Red Hat Security Advisory 2019-3467-01
Posted Nov 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3467-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. An improper certificate validation flaw was addressed.

tags | advisory, imap
systems | linux, redhat, unix
advisories | CVE-2019-3814
MD5 | 767cfac6afdc315d9f98601ab9d5ce06
Ubuntu Security Notice USN-4160-1
Posted Oct 21, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4160-1 - It was discovered that UW IMAP incorrectly handled inputs. A remote attacker could possibly use this issue to execute arbitrary OS commands.

tags | advisory, remote, arbitrary, imap
systems | linux, ubuntu
advisories | CVE-2018-19518
MD5 | c9606c3f90ab515c5091d7042614ecc2
Red Hat Security Advisory 2019-2885-01
Posted Sep 24, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2885-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include an out of bounds write vulnerability.

tags | advisory, imap
systems | linux, redhat, unix
advisories | CVE-2019-11500
MD5 | 985f4b843e806fa8886364993376c729
Red Hat Security Advisory 2019-2836-01
Posted Sep 20, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2836-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include an out of bounds write vulnerability.

tags | advisory, imap
systems | linux, redhat, unix
advisories | CVE-2019-11500
MD5 | b08eabb4d5e0e143850082d447d4c689
Red Hat Security Advisory 2019-2822-01
Posted Sep 20, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2822-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include an out of bounds write vulnerability.

tags | advisory, imap
systems | linux, redhat, unix
advisories | CVE-2019-11500
MD5 | ae2ffaa4c4359c7ce4af4b38a1078db3
Red Hat Security Advisory 2019-2799-01
Posted Sep 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2799-01 - Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a focus on high concurrency, performance and low memory usage. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service, imap, protocol
systems | linux, redhat
advisories | CVE-2019-9511, CVE-2019-9513, CVE-2019-9516
MD5 | fc9157e11fa80c71b2a0a2dd56a4aa07
Debian Security Advisory 4510-1
Posted Aug 28, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4510-1 - Nick Roessler and Rafi Rubin discovered that the IMAP and ManageSieve protocol parsers in the Dovecot email server do not properly validate input (both pre- and post-login). A remote attacker can take advantage of this flaw to trigger out of bounds heap memory writes, leading to information leaks or potentially the execution of arbitrary code.

tags | advisory, remote, arbitrary, imap, protocol
systems | linux, debian
advisories | CVE-2019-11500
MD5 | e3cf7ec7b9e533f10132ece6c1ce8f6b
iOS Messaging Tools
Posted Aug 7, 2019
Authored by saelo, Google Security Research, natashenka

This repository contains several tools Project Zero uses to test iPhone messaging. It includes SmsSimulator: an SMS simulator for iPhone, iMessage: tools for sending and dumping iMessage messages, and imapiness: a fuzzer for IMAP clients. See the directory for each tool for further instructions and contact information. This is not an officially supported Google product. These tools were released and presented at BlackHat USA 2019.

tags | tool, telephony, imap, fuzzer
systems | apple, iphone
MD5 | 2e9ddb1606e5ec0f3068837fa5919c6c
Red Hat Security Advisory 2019-1771-01
Posted Jul 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1771-01 - The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and SIEVE support. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, imap
systems | linux, redhat
advisories | CVE-2019-11356
MD5 | 7a662ed97be56cb8e5d9f0f3b495e821
Debian Security Advisory 4458-1
Posted Jun 8, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4458-1 - A flaw was discovered in the CalDAV feature in httpd of the Cyrus IMAP server, leading to denial of service or potentially the execution of arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name.

tags | advisory, web, denial of service, arbitrary, imap
systems | linux, debian
advisories | CVE-2019-11356
MD5 | d3a5c3253e31c58d798da946ccc38301
Visual Voicemail For iPhone IMAP NAMESPACE Use-After-Free
Posted May 21, 2019
Authored by Google Security Research, natashenka

Visual Voicemail for iPhone suffers from a use-after-free vulnerability in IMAP NAMESPACE processing.

tags | exploit, imap
systems | apple, iphone
advisories | CVE-2019-8613
MD5 | ee209f50afa19dc15f5533506c05c21c
Hydra Network Logon Cracker 9.0
Posted May 17, 2019
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Revamped rdp module to use FreeRDP library. Added memcached module. Added mongodb module. Various other updates.
tags | tool, web, imap
systems | cisco, unix
MD5 | 911974c25436f3ffa8598674081fcb84
Hydra Network Logon Cracker 8.9.1
Posted Feb 27, 2019
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Clarification for rdp error message. CIDR notation (hydra -l test -p test 192.168.0.0/24 ftp) was not detected, fixed.
tags | tool, web, imap
systems | cisco, unix
MD5 | 62f9cee963121b778562b6f319104c14
PHP imap_open Remote Code Execution
Posted Nov 28, 2018
Authored by h00die, Anton Lopanitsyn, Twoster | Site metasploit.com

The imap_open function within PHP, if called without the /norsh flag, will attempt to preauthenticate an IMAP session. On Debian based systems, including Ubuntu, rsh is mapped to the ssh binary. Ssh's ProxyCommand option can be passed from imap_open to execute arbitrary commands. While many custom applications may use imap_open, this exploit works against the following applications: e107 v2, prestashop, SuiteCRM, as well as Custom, which simply prints the exploit strings for use. Prestashop exploitation requires the admin URI, and administrator credentials. suiteCRM/e107/hostcms require administrator credentials.

tags | exploit, arbitrary, php, imap
systems | linux, debian, ubuntu
MD5 | d4da49f1f3382fe81325e51853a7fcc3
Page 1 of 17
Back12345Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    1 Files
  • 20
    Sep 20th
    1 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    21 Files
  • 23
    Sep 23rd
    8 Files
  • 24
    Sep 24th
    15 Files
  • 25
    Sep 25th
    4 Files
  • 26
    Sep 26th
    1 Files
  • 27
    Sep 27th
    1 Files
  • 28
    Sep 28th
    20 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close