Squirrelmail : Security Vulnerabilities, CVEs, Published In January 2013 (Denial of service)
functions/imap_general.php in SquirrelMail, as used in Red Hat Enterprise Linux (RHEL) 4 and 5, does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading to the creation of many preference files. NOTE: this issue exists because of an incorrect fix for CVE-2010-2813.
Max CVSS
5.0
EPSS Score
0.76%
Published
2013-01-18
Updated
2023-02-13
1 vulnerabilities found