Exploit the possiblities
Showing 1 - 25 of 382 RSS Feed

IMAP Files

Red Hat Security Advisory 2017-3263-01
Posted Nov 27, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3263-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: A buffer overrun flaw was found in the IMAP handler of libcurl. By tricking an unsuspecting user into connecting to a malicious IMAP server, an attacker could exploit this flaw to potentially cause information disclosure or crash the application.

tags | advisory, web, overflow, imap, protocol, info disclosure
systems | linux, redhat
advisories | CVE-2017-1000257
MD5 | 86651d87af714f9843e058e1d4dfe44c
Ubuntu Security Notice USN-3457-1
Posted Oct 23, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3457-1 - Brian Carpenter discovered that curl incorrectly handled IMAP FETCH response lines. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, imap
systems | linux, ubuntu
advisories | CVE-2017-1000257
MD5 | 4e6800eeae059ac1675f3796efc281e4
Red Hat Security Advisory 2017-2538-01
Posted Aug 28, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2538-01 - Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage. Security Fix: A flaw within the processing of ranged HTTP requests has been discovered in the range filter module of nginx. A remote attacker could possibly exploit this flaw to disclose parts of the cache file header, or, if used in combination with third party modules, disclose potentially sensitive memory by sending specially crafted HTTP requests.

tags | advisory, remote, web, imap, protocol
systems | linux, redhat
advisories | CVE-2017-7529
MD5 | bda036ceec782c1988229b248613f104
Hydra Network Logon Cracker 8.6
Posted Jul 22, 2017
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Added radmin2 module by catatonic prime. SMB module now checks if SMBv1 is supported by the server and if signing is required. http-form module now supports URLs up to 6000 bytes. Various other updates.
tags | tool, web, imap
systems | cisco, unix
MD5 | 5d909cfea627a1f2482b82dfbd64956c
Hydra Network Logon Cracker 8.5
Posted May 4, 2017
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: New command line option. Changed the format of the restore file to detect cross platform copies. Various bug fixes.
tags | tool, web, imap
systems | cisco, unix
MD5 | 20e097ff7ee11f1c02a9fd2e626a2f97
EMPHASISMINE 3.4.0 IBM Lotus Domino IMAP Exploit
Posted Apr 15, 2017

EMPHASISMINE is an IMAP exploit for IBM Lotus Domino. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content. Consider this exploit hostile and unverified. For research purposes only. Description has been referenced from http://medium.com/@networksecurity.

tags | exploit, web, imap
MD5 | 0cfabb5496e540c645d4cba512a96f1a
Hydra Network Logon Cracker 8.4
Posted Jan 31, 2017
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Multiple new protocols implemented. Various bug fixes and proxy support was re-implemented.
tags | tool, web, imap
systems | cisco, unix
MD5 | ac0ffac9bdd1763c69280d00bb90775c
Hydra Network Logon Cracker 8.3
Posted Aug 12, 2016
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Support for upcoming OpenSSL 1.1 added. Fixed hydra redo bug. Updated xhydra for new hydra features and options. Some more command line error checking added. Ensured unneeded sockets are closed.
tags | tool, web, imap
systems | cisco, unix
MD5 | 481e842e141da7ef7e2250a1b0f5da5e
Hydra Network Logon Cracker 8.2
Posted Jun 16, 2016
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Added RTSP module. Added patch for ssh. Added SSL SNI support. Various other updates.
tags | tool, web, imap
systems | cisco, unix
MD5 | c74549322d2bd52ff6db3853d084cc8a
FreeBSD Security Advisory - FreeBSD-SA-16:12.openssl
Posted Mar 14, 2016
Authored by OpenSSL Project | Site security.freebsd.org

FreeBSD Security Advisory - A cross-protocol attack was discovered that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a Bleichenbacher RSA padding oracle. Note that traffic between clients and non-vulnerable servers can be decrypted provided another server supporting SSLv2 and EXPORT ciphers (even with a different protocol such as SMTP, IMAP or POP3) shares the RSA keys of the non-vulnerable server. This vulnerability is known as DROWN. Various other issues were also addressed.

tags | advisory, imap, protocol
systems | freebsd, bsd
advisories | CVE-2016-0702, CVE-2016-0703, CVE-2016-0704, CVE-2016-0705
MD5 | 9ba68b8ddba8c9076b272b296999095c
Xplico Network Forensic Analysis Tool 1.1.2
Posted Feb 17, 2016
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Changes: IPv4 defragmentation and CapAnalysis dissectors and dispatcher were changed.
tags | tool, imap, forensics
systems | linux
MD5 | 741633163c0619389b6c9554095f667c
Xplico Network Forensic Analysis Tool 1.1.1
Posted Nov 2, 2015
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Changes: Added MGCP dissector. IMAP bug fixed.
tags | tool, imap, forensics
systems | linux
MD5 | ce666a8bee310b268392ae99f51d67e5
Heartbleed Vulnerability Scanning Tool
Posted Sep 24, 2015
Authored by hybridus

This python script checks for the OpenSSL memory leak named Heartbleed and as noted in CVE-2014-0160. It can be used for different SSL TLS versions and multiple (HTTPS/SMTP/IMAP/POP3) protocols. It is optimized for mass scans.

tags | tool, web, scanner, imap, protocol, memory leak, python
systems | unix
advisories | CVE-2014-0160
MD5 | b1db07ac7b0e8d6d76ddabdff37f79c6
Ubuntu Security Notice USN-2653-1
Posted Jun 25, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2653-1 - It was discovered that multiple Python protocol libraries incorrectly limited certain data when connecting to servers. A malicious ftp, http, imap, nntp, pop or smtp server could use this issue to cause a denial of service. It was discovered that the Python xmlrpc library did not limit unpacking gzip-compressed HTTP bodies. A malicious server could use this issue to cause a denial of service. Various other issues were also addressed.

tags | advisory, web, denial of service, imap, protocol, python
systems | linux, ubuntu
advisories | CVE-2013-1752, CVE-2013-1753, CVE-2014-4616, CVE-2014-4650, CVE-2014-7185
MD5 | ac9d8c6cbf95a6ebe7d7cd29055bba98
Mandriva Linux Security Advisory 2015-113
Posted Mar 30, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-113 - Updated dovecot packages fix security vulnerability. Dovecot before 2.2.13 is vulnerable to a DoS attack against imap/pop3-login processes. If SSL/TLS handshake was started but wasn't finished, the login process attempted to eventually forcibly disconnect the client, but failed to do it correctly. This could have left the connections hanging around for a long time.

tags | advisory, imap
systems | linux, mandriva
advisories | CVE-2014-3430
MD5 | 04e7a260c9adecc73f42dd9613092367
Hydra Network Logon Cracker 8.1
Posted Dec 8, 2014
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Multiple patches added. The -M option is fixed. Various other small fixes and enhancements.
tags | tool, web, imap
systems | cisco, unix
MD5 | 7a20011400c6282603d4b1ae461cabf2
Mandriva Linux Security Advisory 2014-182
Posted Sep 25, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-182 - Robert Scheck reported that Zarafa's WebAccess stored session information, including login credentials, on-disk in PHP session files. This session file would contain a user's username and password to the Zarafa IMAP server. Robert Scheck discovered that the Zarafa Collaboration Platform has multiple incorrect default permissions.

tags | advisory, php, imap
systems | linux, mandriva
advisories | CVE-2014-0103, CVE-2014-5447, CVE-2014-5448, CVE-2014-5449, CVE-2014-5450
MD5 | ec52bc1b38339b4ddfed4e51c2496628
Debian Security Advisory 2979-1
Posted Jul 19, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2979-1 - Two vulnerabilities were discovered in Fail2ban, a solution to ban hosts that cause multiple authentication errors. When using Fail2ban to monitor Postfix or Cyrus IMAP logs, improper input validation in log parsing could enable a remote attacker to trigger an IP ban on arbitrary addresses, resulting in denial of service.

tags | advisory, remote, denial of service, arbitrary, vulnerability, imap
systems | linux, debian
advisories | CVE-2013-7176, CVE-2013-7177
MD5 | b8e0f4dae94ee061ba613373d54d7a1b
Red Hat Security Advisory 2014-0790-01
Posted Jun 25, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0790-01 - Dovecot is an IMAP server, written with security primarily in mind, for Linux and other UNIX-like systems. It also contains a small POP3 server. It supports mail in both the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. It was discovered that Dovecot did not properly discard connections trapped in the SSL/TLS handshake phase. A remote attacker could use this flaw to cause a denial of service on an IMAP/POP3 server by exhausting the pool of available connections and preventing further, legitimate connections to the IMAP/POP3 server to be made.

tags | advisory, remote, denial of service, imap
systems | linux, redhat, unix
advisories | CVE-2014-3430
MD5 | f72fa3d0e02a43263c34e61052b660d6
Debian Security Advisory 2954-1
Posted Jun 10, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2954-1 - It was discovered that the Dovecot email server is vulnerable to a denial of service attack against imap/pop3-login processes due to incorrect handling of the closure of inactive SSL/TLS connections.

tags | advisory, denial of service, imap
systems | linux, debian
advisories | CVE-2014-3430
MD5 | d6be4ce8a522c3a4434851e5d9df1a86
PCredz 0.9
Posted Jun 9, 2014
Authored by laurent gaffie | Site github.com

This tool extracts credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, and more from a pcap file or from a live interface.

tags | tool, web, sniffer, imap
MD5 | 53dbaff0289eccf8b85cdc81bfc319a1
Hydra Network Logon Cracker 8.0
Posted Jun 3, 2014
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Added patch for xhydra that adds bruteforce generator to the GUI, initial interactive password authentication test for ssh, patch which adds Unicode support for the SMB module, and module for redis. Various bug fixes and enhancements also included.
tags | tool, web, imap
systems | cisco, unix
MD5 | 8ae08657af314677a008533c621e9ee7
Mandriva Linux Security Advisory 2014-099
Posted May 19, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-099 - Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cause a denial of service via an incomplete SSL/TLS handshake for an IMAP/POP3 connection. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service, imap
systems | linux, mandriva
advisories | CVE-2014-3430
MD5 | 203a4d17ba895e3795644fd85f6341ee
Xplico Network Forensic Analysis Tool 1.1.0
Posted Jan 7, 2014
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Changes: This release improves performance, and adds the new dissectors Yahoo Messenger, Cisco HDLC, and Null/Loopback. The nDPI library has been updated. Alice Webmail and Libero Webmail decoding have been added.
tags | tool, imap, forensics
systems | linux
MD5 | 4822ac669f61afeea11c25f60a1a841c
Hydra Network Logon Cracker 7.6
Posted Jan 3, 2014
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Added a wizard script for hydra. Added module for Siemens S7-300. Various other updates and fixes.
tags | tool, web, imap
systems | cisco, unix
MD5 | 62af688a07830d505d227bdaaeff9e0a
Page 1 of 16
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

February 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    15 Files
  • 2
    Feb 2nd
    15 Files
  • 3
    Feb 3rd
    15 Files
  • 4
    Feb 4th
    13 Files
  • 5
    Feb 5th
    16 Files
  • 6
    Feb 6th
    15 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    15 Files
  • 9
    Feb 9th
    18 Files
  • 10
    Feb 10th
    8 Files
  • 11
    Feb 11th
    8 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    15 Files
  • 14
    Feb 14th
    15 Files
  • 15
    Feb 15th
    17 Files
  • 16
    Feb 16th
    18 Files
  • 17
    Feb 17th
    37 Files
  • 18
    Feb 18th
    2 Files
  • 19
    Feb 19th
    16 Files
  • 20
    Feb 20th
    16 Files
  • 21
    Feb 21st
    15 Files
  • 22
    Feb 22nd
    16 Files
  • 23
    Feb 23rd
    31 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close