exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 445 RSS Feed

IMAP Files

Red Hat Security Advisory 2022-8219-01
Posted Nov 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8219-01 - Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, imap, protocol
systems | linux, redhat
advisories | CVE-2022-1328
SHA-256 | fefbdd46533f31ed13f8f99f50cde55d7df767b954e1842332f8cf2d52392e38
Red Hat Security Advisory 2022-8208-01
Posted Nov 15, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8208-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include a privilege escalation vulnerability.

tags | advisory, imap
systems | linux, redhat, unix
advisories | CVE-2022-30550
SHA-256 | 1c058e83ddb123ad31ada14507e1f3dd3a47def167186e8200331dc747993688
Red Hat Security Advisory 2022-7623-01
Posted Nov 8, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7623-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include a privilege escalation vulnerability.

tags | advisory, imap
systems | linux, redhat, unix
advisories | CVE-2022-30550
SHA-256 | b179fbf11c0921bcf24d4d4ab71f281c6b8c8d9b3c9c355b2c652a2687e77864
Red Hat Security Advisory 2022-7640-01
Posted Nov 8, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7640-01 - Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, imap, protocol
systems | linux, redhat
advisories | CVE-2022-1328
SHA-256 | 93bb58cc025203cb3fd5abcf648849004767f0081e36e801c3133795e36a1123
Hydra Network Logon Cracker 9.4
Posted Sep 8, 2022
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Switched from pcre/pcre3 to pcre2 as pcre/pcre3 will be dropped from Debian. Small fix for weird RTSP servers. Added "2=" optional parameter to http-post-form module to tell hydra that a "302" HTTP return code means success. Replaced wait3 with waitpid for better compatibility.
tags | tool, web, imap
systems | cisco, unix
SHA-256 | c906e2dd959da7ea192861bc4bccddfed9bc1799826f7600255f57160fd765f8
Dovecot IMAP Server 2.2 Improper Access Control
Posted Jul 7, 2022
Authored by Julian Brook

Dovecot IMAP server version 2.2 suffers from a privilege escalation vulnerability. When two passdb configuration entries exist in the Dovecot configuration, which have the same driver and args settings, the incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead to an unintended security configuration and can permit privilege escalation with certain configurations involving master user authentication.

tags | advisory, imap
advisories | CVE-2022-30550
SHA-256 | c9c1a6dcc53febbada1b722a950a737522f4c2987b34eb7b27226ddd2a58c66b
Red Hat Security Advisory 2022-1950-01
Posted May 11, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1950-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages.

tags | advisory, imap
systems | linux, redhat, unix
advisories | CVE-2021-33515
SHA-256 | c96d5111f5070a5af8936a5b285732d58b1ba5c094025f86d272acb9af844c39
Debian Security Advisory 5066-1
Posted Feb 28, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5066-1 - Several vulnerabilities have been discovered in the interpreter for the Ruby language and the Rubygems included, which may result on result in XML roundtrip attacks, the execution of arbitrary code, information disclosure, StartTLS stripping in IMAP or denial of service.

tags | advisory, denial of service, arbitrary, vulnerability, imap, info disclosure, ruby
systems | linux, debian
advisories | CVE-2021-28965, CVE-2021-31799, CVE-2021-31810, CVE-2021-32066, CVE-2021-41817, CVE-2021-41819
SHA-256 | 06fe6a239e4a0b70fe9ff726baf6486b9f36b1ff6318001480327005363f19d9
Hydra Network Logon Cracker 9.3
Posted Feb 3, 2022
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Added support for Xcode compilation and new module cobaltstrike. Fixed ssh to support -M or ip/rangeix, rdp to detect empty passwords, http-form to no send empty headers, http on non-default ports when using with a proxy for vnc/cisco/, support IPv6 addresses in -M, and more.
tags | tool, web, imap
systems | cisco, unix
SHA-256 | 3977221a7eb176cd100298c6d47939999a920a628868ae1aceed408a21e04013
Debian Security Advisory 5037-1
Posted Jan 28, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5037-1 - It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not properly sanitize HTML messages. This would allow an attacker to perform Cross-Side Scripting (XSS) attacks.

tags | advisory, imap
systems | linux, debian
advisories | CVE-2021-46144
SHA-256 | 3cfd37c51848a3388ff17f5e35ac72a031f6545fee19d28d0c674f22610b9162
Debian Security Advisory 5013-1
Posted Nov 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5013-1 - It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not properly sanitize requests and mail messages. This would allow an attacker to perform Cross-Side Scripting (XSS) or SQL injection attacks.

tags | advisory, imap, sql injection
systems | linux, debian
advisories | CVE-2021-44025, CVE-2021-44026
SHA-256 | a03a03eab4188f259316a76f031e24b205af8e66667b567c402a33759e43f75a
Red Hat Security Advisory 2021-4181-03
Posted Nov 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4181-03 - Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP. Issues addressed include a memory leak vulnerability.

tags | advisory, imap, protocol, memory leak
systems | linux, redhat
advisories | CVE-2020-28896, CVE-2021-3181
SHA-256 | f637abbe05b01eb8ecdc9dab201e7c132c21c24013b36468c1d62133ed476d79
Red Hat Security Advisory 2021-3546-01
Posted Sep 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3546-01 - The Cyrus IMAP server provides access to personal mail, system-wide bulletin boards, news-feeds, calendar and contacts through the IMAP, JMAP, NNTP, CalDAV and CardDAV protocols. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, imap, protocol
systems | linux, redhat
advisories | CVE-2021-33582
SHA-256 | f906598321e1f6eb52920261111c9632db38f848be1dac81ce1c97c946db901b
Red Hat Security Advisory 2021-3492-01
Posted Sep 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3492-01 - The Cyrus IMAP server provides access to personal mail, system-wide bulletin boards, news-feeds, calendar and contacts through the IMAP, JMAP, NNTP, CalDAV and CardDAV protocols. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, imap, protocol
systems | linux, redhat
advisories | CVE-2021-33582
SHA-256 | 43f8d9b01207dfa0d24b4cf764fa6d29dbe280a0e6ebb6265c1f1fdee7b31282
Red Hat Security Advisory 2021-3493-01
Posted Sep 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3493-01 - The Cyrus IMAP server provides access to personal mail, system-wide bulletin boards, news-feeds, calendar and contacts through the IMAP, JMAP, NNTP, CalDAV and CardDAV protocols. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, imap, protocol
systems | linux, redhat
advisories | CVE-2021-33582
SHA-256 | df5df5a67956e4c3f6b317fc69d22d4f177a767e0113d518d0c06f4225ab743d
Ubuntu Security Notice USN-5058-1
Posted Aug 31, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5058-1 - It was discovered that Thunderbird didn't ignore IMAP server responses prior to completion of the STARTTLS handshake. A person-in-the-middle could potentially exploit this to trick Thunderbird into showing incorrect information. Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, imap
systems | linux, ubuntu
advisories | CVE-2021-29969, CVE-2021-29984, CVE-2021-29985, CVE-2021-29989, CVE-2021-30547
SHA-256 | d439dc830ff759d365c01af29919212afc94c2f9e8414adca8c017e63f81126f
Red Hat Security Advisory 2021-1887-01
Posted May 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1887-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, imap
systems | linux, redhat, unix
advisories | CVE-2020-24386, CVE-2020-25275
SHA-256 | 045796f3b8418b5d1ac6859ee2713ae9bc1a6fe4c33f84ee2b09f1874015aaf9
Hydra Network Logon Cracker 9.2
Posted Mar 15, 2021
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Fix for http-post-form optional parameters. Enabled gcc 10 support for xhydra. IPv6 support for Host: header for http based modules. Various other updates.
tags | tool, web, imap
systems | cisco, unix
SHA-256 | 1a28f064763f9144f8ec574416a56ef51c0ab1ae2276e35a89ceed4f594ec5d2
Dovecot 2.3.11.3 Access Bypass
Posted Jan 7, 2021
Authored by Aki Tuomi

Dovecot versions 2.2.26 through 2.3.11.3 suffer from a bypass issue. When imap hibernation is active, an attacker can cause Dovecot to discover file system directory structure and access other users' emails using a specially crafted command. The attacker must have valid credentials to access the mail server.

tags | advisory, imap, bypass
advisories | CVE-2020-24386
SHA-256 | 5e5468067fc35516788b52ac2a4e75207c4c6d4b1f0ea93176e970b293daf7d6
Ubuntu Security Notice USN-4674-1
Posted Jan 4, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4674-1 - It was discovered that Dovecot incorrectly handled certain imap hibernation commands. A remote authenticated attacker could possibly use this issue to access other users' email. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. Innokentii Sennovskiy discovered that Dovecot incorrectly handled MIME parsing. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, imap
systems | linux, ubuntu
advisories | CVE-2020-24386, CVE-2020-25275
SHA-256 | a6fb24566e34ca33892166efc08d56441a09b26e354fd4b998d65c1ffc7d4c66
Debian Security Advisory 4821-1
Posted Dec 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4821-1 - Alex Birnberg discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, is prone to a cross-site scripting vulnerability in handling HTML or Plain text messages with malicious content.

tags | advisory, imap, xss
systems | linux, debian
advisories | CVE-2020-35730
SHA-256 | 767561724a53319077d3cdf5d57e9f5904fcd9eb4ae9dc5d7a3475c8e8af11f2
Red Hat Security Advisory 2020-4763-01
Posted Nov 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4763-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include denial of service and use-after-free vulnerabilities.

tags | advisory, denial of service, vulnerability, imap
systems | linux, redhat, unix
advisories | CVE-2020-10958, CVE-2020-10967
SHA-256 | 95023ee6ccfb4930ceec503cc37701c443c932cfb1c4e11e4b4e377d760694ea
Red Hat Security Advisory 2020-4655-01
Posted Nov 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4655-01 - The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and SIEVE support. Issues addressed include bypass and privilege escalation vulnerabilities.

tags | advisory, vulnerability, imap
systems | linux, redhat
advisories | CVE-2019-18928, CVE-2019-19783
SHA-256 | 351b1e471e4038244a22555e9ae5e3516d9d76c701f6e5c112212a28d3c5a7d5
Ubuntu Security Notice USN-4598-1
Posted Oct 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4598-1 - It was discovered that LibEtPan incorrectly handled STARTTLS when using IMAP, SMTP and POP3. A remote attacker could possibly use this issue to perform a response injection attack.

tags | advisory, remote, imap
systems | linux, ubuntu
advisories | CVE-2020-15953
SHA-256 | d19bb3d7c5778cad2232b0d3f1d4767258f76d7dff5b87c5147ddaeec6110b97
Ubuntu Security Notice USN-4566-1
Posted Oct 6, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4566-1 - It was discovered that Cyrus IMAP Server could execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name. An attacker could use this vulnerability to cause a crash or possibly execute arbitrary code. It was discovered that the Cyrus IMAP Server allow users to create any mailbox with administrative privileges. A local attacker could use this to obtain sensitive information. Various other issues were also addressed.

tags | advisory, web, arbitrary, local, imap
systems | linux, ubuntu
advisories | CVE-2019-11356, CVE-2019-19783
SHA-256 | b29e714d866e6ec6075866950847cbd51cb8d46269dd8a4d6182d91d2d346043
Page 1 of 18
Back12345Next

File Archive:

May 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    15 Files
  • 2
    May 2nd
    16 Files
  • 3
    May 3rd
    38 Files
  • 4
    May 4th
    15 Files
  • 5
    May 5th
    35 Files
  • 6
    May 6th
    0 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    8 Files
  • 9
    May 9th
    65 Files
  • 10
    May 10th
    19 Files
  • 11
    May 11th
    27 Files
  • 12
    May 12th
    8 Files
  • 13
    May 13th
    0 Files
  • 14
    May 14th
    1 Files
  • 15
    May 15th
    19 Files
  • 16
    May 16th
    66 Files
  • 17
    May 17th
    28 Files
  • 18
    May 18th
    32 Files
  • 19
    May 19th
    13 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    23 Files
  • 23
    May 23rd
    15 Files
  • 24
    May 24th
    49 Files
  • 25
    May 25th
    20 Files
  • 26
    May 26th
    13 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close