exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 448 RSS Feed

IMAP Files

Debian Security Advisory 5572-1
Posted Dec 4, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5572-1 - Rene Rehme discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not properly set headers when handling attachments. This would allow an attacker to load arbitrary JavaScript code.

tags | advisory, arbitrary, javascript, imap
systems | linux, debian
advisories | CVE-2023-47272
SHA-256 | 7488c1f8cb39c45a8e6fb8d221877649d21afc6a14f9c3eceb2b735b03ccc617
Debian Security Advisory 5531-1
Posted Oct 23, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5531-1 - It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not properly sanitize HTML messages. This would allow an attacker to load arbitrary JavaScript code.

tags | advisory, arbitrary, javascript, imap
systems | linux, debian
advisories | CVE-2023-5631
SHA-256 | 961824a129d751981518c8ecfbe654d441e2922aec3a9645d77dae20b42b7ecd
Hydra Network Logon Cracker 9.5
Posted Jun 13, 2023
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: 2 updates to http-form, 1 fix for smb2, 1 fix for smtp, and 1 fix for rdp.
tags | tool, web, imap
systems | cisco, unix
SHA-256 | 9dd193b011fdb3c52a17b0da61a38a4148ffcad731557696819d4721d1bee76b
Red Hat Security Advisory 2022-8219-01
Posted Nov 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8219-01 - Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, imap, protocol
systems | linux, redhat
advisories | CVE-2022-1328
SHA-256 | fefbdd46533f31ed13f8f99f50cde55d7df767b954e1842332f8cf2d52392e38
Red Hat Security Advisory 2022-8208-01
Posted Nov 15, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8208-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include a privilege escalation vulnerability.

tags | advisory, imap
systems | linux, redhat, unix
advisories | CVE-2022-30550
SHA-256 | 1c058e83ddb123ad31ada14507e1f3dd3a47def167186e8200331dc747993688
Red Hat Security Advisory 2022-7623-01
Posted Nov 8, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7623-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include a privilege escalation vulnerability.

tags | advisory, imap
systems | linux, redhat, unix
advisories | CVE-2022-30550
SHA-256 | b179fbf11c0921bcf24d4d4ab71f281c6b8c8d9b3c9c355b2c652a2687e77864
Red Hat Security Advisory 2022-7640-01
Posted Nov 8, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7640-01 - Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, imap, protocol
systems | linux, redhat
advisories | CVE-2022-1328
SHA-256 | 93bb58cc025203cb3fd5abcf648849004767f0081e36e801c3133795e36a1123
Hydra Network Logon Cracker 9.4
Posted Sep 8, 2022
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Switched from pcre/pcre3 to pcre2 as pcre/pcre3 will be dropped from Debian. Small fix for weird RTSP servers. Added "2=" optional parameter to http-post-form module to tell hydra that a "302" HTTP return code means success. Replaced wait3 with waitpid for better compatibility.
tags | tool, web, imap
systems | cisco, unix
SHA-256 | c906e2dd959da7ea192861bc4bccddfed9bc1799826f7600255f57160fd765f8
Dovecot IMAP Server 2.2 Improper Access Control
Posted Jul 7, 2022
Authored by Julian Brook

Dovecot IMAP server version 2.2 suffers from a privilege escalation vulnerability. When two passdb configuration entries exist in the Dovecot configuration, which have the same driver and args settings, the incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead to an unintended security configuration and can permit privilege escalation with certain configurations involving master user authentication.

tags | advisory, imap
advisories | CVE-2022-30550
SHA-256 | c9c1a6dcc53febbada1b722a950a737522f4c2987b34eb7b27226ddd2a58c66b
Red Hat Security Advisory 2022-1950-01
Posted May 11, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1950-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages.

tags | advisory, imap
systems | linux, redhat, unix
advisories | CVE-2021-33515
SHA-256 | c96d5111f5070a5af8936a5b285732d58b1ba5c094025f86d272acb9af844c39
Debian Security Advisory 5066-1
Posted Feb 28, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5066-1 - Several vulnerabilities have been discovered in the interpreter for the Ruby language and the Rubygems included, which may result on result in XML roundtrip attacks, the execution of arbitrary code, information disclosure, StartTLS stripping in IMAP or denial of service.

tags | advisory, denial of service, arbitrary, vulnerability, imap, info disclosure, ruby
systems | linux, debian
advisories | CVE-2021-28965, CVE-2021-31799, CVE-2021-31810, CVE-2021-32066, CVE-2021-41817, CVE-2021-41819
SHA-256 | 06fe6a239e4a0b70fe9ff726baf6486b9f36b1ff6318001480327005363f19d9
Hydra Network Logon Cracker 9.3
Posted Feb 3, 2022
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Added support for Xcode compilation and new module cobaltstrike. Fixed ssh to support -M or ip/rangeix, rdp to detect empty passwords, http-form to no send empty headers, http on non-default ports when using with a proxy for vnc/cisco/, support IPv6 addresses in -M, and more.
tags | tool, web, imap
systems | cisco, unix
SHA-256 | 3977221a7eb176cd100298c6d47939999a920a628868ae1aceed408a21e04013
Debian Security Advisory 5037-1
Posted Jan 28, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5037-1 - It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not properly sanitize HTML messages. This would allow an attacker to perform Cross-Side Scripting (XSS) attacks.

tags | advisory, imap
systems | linux, debian
advisories | CVE-2021-46144
SHA-256 | 3cfd37c51848a3388ff17f5e35ac72a031f6545fee19d28d0c674f22610b9162
Debian Security Advisory 5013-1
Posted Nov 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5013-1 - It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not properly sanitize requests and mail messages. This would allow an attacker to perform Cross-Side Scripting (XSS) or SQL injection attacks.

tags | advisory, imap, sql injection
systems | linux, debian
advisories | CVE-2021-44025, CVE-2021-44026
SHA-256 | a03a03eab4188f259316a76f031e24b205af8e66667b567c402a33759e43f75a
Red Hat Security Advisory 2021-4181-03
Posted Nov 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4181-03 - Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP. Issues addressed include a memory leak vulnerability.

tags | advisory, imap, protocol, memory leak
systems | linux, redhat
advisories | CVE-2020-28896, CVE-2021-3181
SHA-256 | f637abbe05b01eb8ecdc9dab201e7c132c21c24013b36468c1d62133ed476d79
Red Hat Security Advisory 2021-3546-01
Posted Sep 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3546-01 - The Cyrus IMAP server provides access to personal mail, system-wide bulletin boards, news-feeds, calendar and contacts through the IMAP, JMAP, NNTP, CalDAV and CardDAV protocols. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, imap, protocol
systems | linux, redhat
advisories | CVE-2021-33582
SHA-256 | f906598321e1f6eb52920261111c9632db38f848be1dac81ce1c97c946db901b
Red Hat Security Advisory 2021-3492-01
Posted Sep 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3492-01 - The Cyrus IMAP server provides access to personal mail, system-wide bulletin boards, news-feeds, calendar and contacts through the IMAP, JMAP, NNTP, CalDAV and CardDAV protocols. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, imap, protocol
systems | linux, redhat
advisories | CVE-2021-33582
SHA-256 | 43f8d9b01207dfa0d24b4cf764fa6d29dbe280a0e6ebb6265c1f1fdee7b31282
Red Hat Security Advisory 2021-3493-01
Posted Sep 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3493-01 - The Cyrus IMAP server provides access to personal mail, system-wide bulletin boards, news-feeds, calendar and contacts through the IMAP, JMAP, NNTP, CalDAV and CardDAV protocols. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, imap, protocol
systems | linux, redhat
advisories | CVE-2021-33582
SHA-256 | df5df5a67956e4c3f6b317fc69d22d4f177a767e0113d518d0c06f4225ab743d
Ubuntu Security Notice USN-5058-1
Posted Aug 31, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5058-1 - It was discovered that Thunderbird didn't ignore IMAP server responses prior to completion of the STARTTLS handshake. A person-in-the-middle could potentially exploit this to trick Thunderbird into showing incorrect information. Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, imap
systems | linux, ubuntu
advisories | CVE-2021-29969, CVE-2021-29984, CVE-2021-29985, CVE-2021-29989, CVE-2021-30547
SHA-256 | d439dc830ff759d365c01af29919212afc94c2f9e8414adca8c017e63f81126f
Red Hat Security Advisory 2021-1887-01
Posted May 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1887-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, imap
systems | linux, redhat, unix
advisories | CVE-2020-24386, CVE-2020-25275
SHA-256 | 045796f3b8418b5d1ac6859ee2713ae9bc1a6fe4c33f84ee2b09f1874015aaf9
Hydra Network Logon Cracker 9.2
Posted Mar 15, 2021
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Fix for http-post-form optional parameters. Enabled gcc 10 support for xhydra. IPv6 support for Host: header for http based modules. Various other updates.
tags | tool, web, imap
systems | cisco, unix
SHA-256 | 1a28f064763f9144f8ec574416a56ef51c0ab1ae2276e35a89ceed4f594ec5d2
Dovecot 2.3.11.3 Access Bypass
Posted Jan 7, 2021
Authored by Aki Tuomi

Dovecot versions 2.2.26 through 2.3.11.3 suffer from a bypass issue. When imap hibernation is active, an attacker can cause Dovecot to discover file system directory structure and access other users' emails using a specially crafted command. The attacker must have valid credentials to access the mail server.

tags | advisory, imap, bypass
advisories | CVE-2020-24386
SHA-256 | 5e5468067fc35516788b52ac2a4e75207c4c6d4b1f0ea93176e970b293daf7d6
Ubuntu Security Notice USN-4674-1
Posted Jan 4, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4674-1 - It was discovered that Dovecot incorrectly handled certain imap hibernation commands. A remote authenticated attacker could possibly use this issue to access other users' email. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. Innokentii Sennovskiy discovered that Dovecot incorrectly handled MIME parsing. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, imap
systems | linux, ubuntu
advisories | CVE-2020-24386, CVE-2020-25275
SHA-256 | a6fb24566e34ca33892166efc08d56441a09b26e354fd4b998d65c1ffc7d4c66
Debian Security Advisory 4821-1
Posted Dec 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4821-1 - Alex Birnberg discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, is prone to a cross-site scripting vulnerability in handling HTML or Plain text messages with malicious content.

tags | advisory, imap, xss
systems | linux, debian
advisories | CVE-2020-35730
SHA-256 | 767561724a53319077d3cdf5d57e9f5904fcd9eb4ae9dc5d7a3475c8e8af11f2
Red Hat Security Advisory 2020-4763-01
Posted Nov 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4763-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include denial of service and use-after-free vulnerabilities.

tags | advisory, denial of service, vulnerability, imap
systems | linux, redhat, unix
advisories | CVE-2020-10958, CVE-2020-10967
SHA-256 | 95023ee6ccfb4930ceec503cc37701c443c932cfb1c4e11e4b4e377d760694ea
Page 1 of 18
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close