exploit the possibilities
Showing 76 - 100 of 413 RSS Feed

IMAP Files

Ubuntu Security Notice USN-1400-4
Posted Apr 4, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1400-4 - USN-1400-3 fixed vulnerabilities in Thunderbird. The new Thunderbird version caused a regression in IMAP connections and mail filtering. This update fixes the problem. Soroush Dalili discovered that Firefox did not adequately protect against dropping JavaScript links onto a frame. Atte Kettunen discovered a use-after-free vulnerability in Firefox's handling of SVG animations. Various other issues were also addressed.

tags | advisory, javascript, vulnerability, imap
systems | linux, ubuntu
advisories | CVE-2012-0455, CVE-2012-0457, CVE-2012-0456, CVE-2012-0451, CVE-2012-0458, CVE-2012-0459, CVE-2012-0460, CVE-2012-0462, CVE-2012-0464
MD5 | e1c19b7768ec2d1e6904544022dbd70c
Mandriva Linux Security Advisory 2012-037
Posted Mar 23, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-037 - The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service, imap
systems | linux, mandriva
advisories | CVE-2011-3481
MD5 | 07d345e49689aa4d859ea4b306d8d515
Back To The FUZZ'er Toolkit
Posted Mar 12, 2012
Authored by localh0t

This tool is for fuzzing different protocols such as FTP, HTTP, IMAP, and more. It also has no-protocol plugins like a file fuzzer. Written in Python.

tags | tool, web, imap, protocol, python, fuzzer
systems | unix
MD5 | fd27b7de64ad280fd5b1e9098a16c452
Xplico Network Forensic Analysis Tool 1.0.0
Posted Feb 26, 2012
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Changes: SQLite dispatcher performance improved. Multiple dissectors added, fixed, and improved. Yahoo Webmail bugs fixed. Various other additions and improvements.
tags | tool, imap, forensics
systems | linux
MD5 | 2beed9fac891885b690c712169caabfb
Hydra Network Logon Cracker 7.2
Posted Feb 16, 2012
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Multiple bug fixes.
tags | tool, web, cracker, imap
systems | cisco, unix
MD5 | 7a72f2d4dd8a771a4935072f80e336dd
Xplico Network Forensic Analysis Tool 0.7.1
Posted Jan 16, 2012
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Changes: RTP bug fixed. Dispatcher core functionality bug fixed. Various other fixes and additions.
tags | tool, imap, forensics
systems | linux
MD5 | 639aea5d8860fb9f93c103783815831a
Debian Security Advisory 2377-1
Posted Jan 2, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2377-1 - It was discovered that cyrus-imapd, a highly scalable mail system designed for use in enterprise environments, is not properly parsing mail headers when a client makes use of the IMAP threading feature. As a result, a NULL pointer is dereferenced which crashes the daemon. An attacker can trigger this by sending a mail containing crafted reference headers and access the mail with a client that uses the server threading feature of IMAP.

tags | advisory, imap
systems | linux, debian
advisories | CVE-2011-3481
MD5 | 3f5b64e35588290829a65a2b6f0b4282
Ubuntu Security Notice USN-1295-1
Posted Dec 9, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1295-1 - It was discovered that Dovecot incorrectly validated certificate hostnames when being used as a POP3 and IMAP proxy. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information.

tags | advisory, remote, imap
systems | linux, ubuntu
advisories | CVE-2011-4318
MD5 | 0ec283334fb5e1c8e7698d44ed166f92
Red Hat Security Advisory 2011-1508-01
Posted Dec 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1508-01 - The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and Sieve support. An authentication bypass flaw was found in the cyrus-imapd NNTP server, nntpd. A remote user able to use the nntpd service could use this flaw to read or post newsgroup messages on an NNTP server configured to require user authentication, without providing valid authentication credentials. A NULL pointer dereference flaw was found in the cyrus-imapd IMAP server, imapd. A remote attacker could send a specially-crafted mail message to a victim that would possibly prevent them from accessing their mail normally, if they were using an IMAP client that relies on the server threading IMAP feature.

tags | advisory, remote, imap
systems | linux, redhat
advisories | CVE-2011-3372, CVE-2011-3481
MD5 | 33665b3c67f3189c990594826a6afcae
Stunnel SSL Wrapper 4.48
Posted Nov 27, 2011
Authored by Michal Trojnara | Site stunnel.org

Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.

Changes: FIPS-compliant OpenSSL DLLs are supplied with the Windows installer. FIPS mode can be disabled with the "fips = no" configuration file option. The stability of the Windows GUI was also improved.
tags | tool, arbitrary, encryption, tcp, imap, protocol
systems | windows, unix
MD5 | b2f4dddfb3415d42bf4ed8f1feb7af19
Stunnel SSL Wrapper 4.47b1
Posted Nov 8, 2011
Authored by Michal Trojnara | Site stunnel.org

Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.

Changes: This release adds Unix socket support and a new certificate verification mode to ignore the CA chain and only verify the peer certificate. It also includes some performance and scalability optimizations, and compilation bugfixes.
tags | arbitrary, encryption, tcp, imap, protocol
systems | windows, unix
MD5 | e7798b04af15f950a0fd437aa7f627f1
Xplico Network Forensic Analysis Tool 0.7.0
Posted Nov 7, 2011
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Changes: XI language localization, Added ICMPv6 dissector, various other dissectors improved. Updated XI to Cakephp 1.3. Many additions, features, and bug fixes added.
tags | tool, imap, forensics
systems | linux
MD5 | 0d27690e2fd8516be2441393831f4026
HP Security Bulletin HPSBOV02467 SSRT090152
Posted Nov 4, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV02467 SSRT090152 - A potential security vulnerability has been identified with HP OpenVMS TCP/IP Services running POP or IMAP servers. The vulnerability could be remotely exploited to result in unauthorized access. Revision 1 of this advisory.

tags | advisory, tcp, imap
advisories | CVE-2011-3168
MD5 | 88cab91dbbca5e270c82ad34bcf8674e
Stunnel SSL Wrapper 4.45
Posted Oct 25, 2011
Authored by Michal Trojnara | Site stunnel.org

Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.

Changes: New "protocol = proxy" support was added to send the original client IP address to haproxy. This requires the accept-proxy bind option of haproxy 1.5-dev3 or later. A number of minor improvements and bugfixes were added, mostly related to Win32 GUI and compilation issues on various platforms.
tags | tool, arbitrary, encryption, tcp, imap, protocol
systems | windows, unix
MD5 | dee104214a7c13593c1053cdff9a850f
Gentoo Linux Security Advisory 201110-16
Posted Oct 23, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201110-16 - The Cyrus IMAP Server is affected by multiple vulnerabilities which could potentially lead to the remote execution of arbitrary code or a denial of service. Versions less than 2.4.12 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability, imap
systems | linux, gentoo
advisories | CVE-2009-2632, CVE-2011-3208, CVE-2011-3481
MD5 | 1f4a847d1bb7dad134321f46e9531e79
Mandriva Linux Security Advisory 2011-149
Posted Oct 15, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-149 - Multiple vulnerabilities has been discovered and corrected in cyrus-imapd. Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command. Secunia Research has discovered a vulnerability in Cyrus IMAPd, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error within the authentication mechanism of the NNTP server, which can be exploited to bypass the authentication process and execute commands intended for authenticated users by sending an AUTHINFO USER command without a following AUTHINFO PASS command.

tags | advisory, remote, overflow, arbitrary, vulnerability, imap
systems | linux, mandriva
advisories | CVE-2011-3208, CVE-2011-3372
MD5 | 1e97fb5fab7bd99948d28d95d46646da
Hydra Network Logon Cracker 7.1
Posted Oct 3, 2011
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Added HTTP Proxy URL enumeration module, SOCKS4/SOCKS5 proxy support with authentication, IPv6 support for SOCKS5 module, and more. Various bug fixes and enhancements.
tags | tool, web, cracker, imap
systems | cisco, unix
MD5 | 0c3a6a351cb2e233cb989f0bcdd75edf
Intercepter Sniffer 0.8.4
Posted Oct 2, 2011
Authored by Ares | Site sniff.su

0x4553-Intercepter is a WinPcap-based sniffer that offers various capabilities including sniffing for password hashes related to ICQ/IRC/AIM/FTP/IMAP/POP3/SMTP/LDAP/BNC/SOCKS/HTTP/WWW/NNTP/CVS/TELNET/MRA/DC++/VNC/MYSQL and ORACLE. It also sniffs ICQ/AIM/JABBER/YAHOO/MSN/GADU-GADU/IRC and MRA protocols. It has a built-in arp poisoning module, can change MAC addresses of LAN adapters, and has various other interesting functionality.

Changes: Added SSL Strip.
tags | tool, web, sniffer, imap, protocol
MD5 | 689722d9d85153eebdd73ab250ac292b
Ubuntu Security Notice USN-1221-1
Posted Sep 30, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1221-1 - It was discovered that mutt incorrectly verified the hostname in an SSL certificate. An attacker could trick mutt into trusting a rogue SMTPS, IMAPS, or POP3S server's certificate, which was signed by a trusted certificate authority, to perform a man-in-the-middle attack.

tags | advisory, imap
systems | linux, ubuntu
advisories | CVE-2011-1429
MD5 | 92236cfa490c9a67d1e989b2f6397d43
Hydra Network Logon Cracker 7.0
Posted Sep 25, 2011
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: New main engine for hydra. Lots of bugfixes and additions.
tags | tool, web, cracker, imap
systems | cisco, unix
MD5 | 4678557f796fe86dabdb977548b0b749
Red Hat Security Advisory 2011-1317-01
Posted Sep 19, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1317-01 - The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and Sieve support. A buffer overflow flaw was found in the cyrus-imapd NNTP server, nntpd. A remote user able to use the nntpd service could use this flaw to crash the nntpd child process or, possibly, execute arbitrary code with the privileges of the cyrus user.

tags | advisory, remote, overflow, arbitrary, imap
systems | linux, redhat
advisories | CVE-2011-3208
MD5 | fb99783908201febb790117035d2c284
Stunnel SSL Wrapper 4.44
Posted Sep 19, 2011
Authored by Michal Trojnara | Site stunnel.org

Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.

Changes: Bugs in the new SNI and memory management code were fixed. Buffer overflow protection was implemented for heap allocations, and gcc buffer overflow protection was enabled for stack allocations.
tags | arbitrary, encryption, tcp, imap, protocol
systems | windows, unix
MD5 | c9dd51fc02b913ce5bf7b3fc12f9cb4a
Stunnel SSL Wrapper 4.43
Posted Sep 8, 2011
Authored by Michal Trojnara | Site stunnel.org

Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.

Changes: Win32 OpenSSL DLLs were updated to version 1.0.0e. This version fixes Win32 configuration file reload. FORK and UCONTEXT threading models were corrected and thoroughly tested. Major performance optimization was performed on the logging subsystem.
tags | arbitrary, encryption, tcp, imap, protocol
systems | windows, unix
MD5 | 84174925a0f2632cc5cd52b3503cf07b
Red Hat Security Advisory 2011-1187-01
Posted Aug 19, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1187-01 - Dovecot is an IMAP server for Linux, UNIX, and similar operating systems, primarily written with security in mind. A denial of service flaw was found in the way Dovecot handled NULL characters in certain header names. A mail message with specially-crafted headers could cause the Dovecot child process handling the target user's connection to crash, blocking them from downloading the message successfully and possibly leading to the corruption of their mailbox. Users of dovecot are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the updated packages, the dovecot service will be restarted automatically.

tags | advisory, denial of service, imap
systems | linux, redhat, unix
advisories | CVE-2011-1929
MD5 | fca58a614fdbcdab6cdde942fa4607ca
Stunnel SSL Wrapper 4.42b2
Posted Jul 27, 2011
Authored by Michal Trojnara | Site stunnel.org

Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.

Changes: This release fixes a Windows service crash of stunnel 4.40.
tags | arbitrary, encryption, tcp, imap, protocol
systems | windows, unix
MD5 | db793abd65e04ef2b5c104b30e546e8f
Page 4 of 17
Back23456Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close