Описание
CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary IMAP commands via newline characters in the mailbox parameter of the sqimap_mailbox_select command, aka "IMAP injection."
CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary IMAP commands via newline characters in the mailbox parameter of the sqimap_mailbox_select command, aka "IMAP injection."
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-0377
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24849
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11470
- http://secunia.com/advisories/18985
- http://secunia.com/advisories/19130
- http://secunia.com/advisories/19131
- http://secunia.com/advisories/19176
- http://secunia.com/advisories/19205
- http://secunia.com/advisories/19960
- http://secunia.com/advisories/20210
- http://securitytracker.com/id?1015662
- http://www.debian.org/security/2006/dsa-988
- http://www.gentoo.org/security/en/glsa/glsa-200603-09.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:049
- http://www.novell.com/linux/security/advisories/2006_05_sr.html
- http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00004.html
- http://www.redhat.com/support/errata/RHSA-2006-0283.html
- http://www.securityfocus.com/bid/16756
- http://www.squirrelmail.org/security/issue/2006-02-15
- http://www.vupen.com/english/advisories/2006/0689
EPSS
CVE ID
Связанные уязвимости
CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary IMAP commands via newline characters in the mailbox parameter of the sqimap_mailbox_select command, aka "IMAP injection."
CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary IMAP commands via newline characters in the mailbox parameter of the sqimap_mailbox_select command, aka "IMAP injection."
CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary IMAP commands via newline characters in the mailbox parameter of the sqimap_mailbox_select command, aka "IMAP injection."
CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows rem ...
EPSS