Published: 18/01/2013 Updated: 07/11/2023

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

functions/imap_general.php in SquirrelMail, as used in Red Hat Enterprise Linux (RHEL) 4 and 5, does not properly handle 8-bit characters in passwords, which allows remote malicious users to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading to the creation of many preference files. NOTE: this issue exists because of an incorrect fix for CVE-2010-2813.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat enterprise linux 4
squirrelmail squirrelmail -
redhat enterprise linux 5

Synopsis Low: squirrelmail security and bug fix update Type/Severity Security Advisory: Low Topic An updated squirrelmail package that fixes one security issue and severalbugs is now available for Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as having lowsecurity impac ...

CWE-399 https://bugzilla.redhat.com/show_bug.cgi?id=814671 http://www.openwall.com/lists/oss-security/2012/04/20/22 http://rhn.redhat.com/errata/RHSA-2013-0126.html http://secunia.com/advisories/51730 https://access.redhat.com/errata/RHSA-2013:0126 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-2124

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect