Описание
functions/imap_general.php in SquirrelMail before 1.4.21 does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading to the creation of many preferences files.
Отчет
The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 3 | squirrelmail | Will not fix | ||
| Red Hat Enterprise Linux 4 | squirrelmail | Fixed | RHSA-2012:0103 | 08.02.2012 |
| Red Hat Enterprise Linux 5 | squirrelmail | Fixed | RHSA-2012:0103 | 08.02.2012 |
Показывать по
Дополнительная информация
Статус:
EPSS
5 Medium
CVSS2
Связанные уязвимости
functions/imap_general.php in SquirrelMail before 1.4.21 does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading to the creation of many preferences files.
functions/imap_general.php in SquirrelMail before 1.4.21 does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading to the creation of many preferences files.
functions/imap_general.php in SquirrelMail before 1.4.21 does not prop ...
functions/imap_general.php in SquirrelMail before 1.4.21 does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading to the creation of many preferences files.
EPSS
5 Medium
CVSS2