Vulnerability-Lookup

CVE-2010-2813 (GCVE-0-2010-2813)

Vulnerability from cvelistv5 – Published: 2010-08-19 17:43 – Updated: 2024-08-07 02:46

Summary

functions/imap_general.php in SquirrelMail before 1.4.21 does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading to the creation of many preferences files.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://support.apple.com/kb/HT5130	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://squirrelmail.svn.sourceforge.net/viewvc/sq…	x_refsource_CONFIRM
	http://www.debian.org/security/2010/dsa-2091	vendor-advisoryx_refsource_DEBIAN
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://secunia.com/advisories/40964	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2010/2080	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/bid/42399	vdb-entryx_refsource_BID
	http://rhn.redhat.com/errata/RHSA-2012-0103.html	vendor-advisoryx_refsource_REDHAT
	http://secunia.com/advisories/40971	third-party-advisoryx_refsource_SECUNIA
	http://squirrelmail.org/security/issue/2010-07-23	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2010/2070	vdb-entryx_refsource_VUPEN
	https://bugzilla.redhat.com/show_bug.cgi?id=618096	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T02:46:48.556Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FEDORA-2010-11422",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045383.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5130"
          },
          {
            "name": "squirrelmail-imap-dos(61124)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61124"
          },
          {
            "name": "FEDORA-2010-11410",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045372.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail/branches/SM-1_4-STABLE/squirrelmail/functions/imap_general.php?view=patch\u0026r1=13972\u0026r2=13971\u0026pathrev=13972"
          },
          {
            "name": "DSA-2091",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2010/dsa-2091"
          },
          {
            "name": "APPLE-SA-2012-02-01-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html"
          },
          {
            "name": "40964",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/40964"
          },
          {
            "name": "ADV-2010-2080",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/2080"
          },
          {
            "name": "42399",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/42399"
          },
          {
            "name": "RHSA-2012:0103",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0103.html"
          },
          {
            "name": "40971",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/40971"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://squirrelmail.org/security/issue/2010-07-23"
          },
          {
            "name": "ADV-2010-2070",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/2070"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=618096"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-07-23T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "functions/imap_general.php in SquirrelMail before 1.4.21 does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading to the creation of many preferences files."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "FEDORA-2010-11422",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045383.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5130"
        },
        {
          "name": "squirrelmail-imap-dos(61124)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61124"
        },
        {
          "name": "FEDORA-2010-11410",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045372.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail/branches/SM-1_4-STABLE/squirrelmail/functions/imap_general.php?view=patch\u0026r1=13972\u0026r2=13971\u0026pathrev=13972"
        },
        {
          "name": "DSA-2091",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2010/dsa-2091"
        },
        {
          "name": "APPLE-SA-2012-02-01-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html"
        },
        {
          "name": "40964",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/40964"
        },
        {
          "name": "ADV-2010-2080",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/2080"
        },
        {
          "name": "42399",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/42399"
        },
        {
          "name": "RHSA-2012:0103",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-0103.html"
        },
        {
          "name": "40971",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/40971"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://squirrelmail.org/security/issue/2010-07-23"
        },
        {
          "name": "ADV-2010-2070",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/2070"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=618096"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-2813",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "functions/imap_general.php in SquirrelMail before 1.4.21 does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading to the creation of many preferences files."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "FEDORA-2010-11422",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045383.html"
            },
            {
              "name": "http://support.apple.com/kb/HT5130",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5130"
            },
            {
              "name": "squirrelmail-imap-dos(61124)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61124"
            },
            {
              "name": "FEDORA-2010-11410",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045372.html"
            },
            {
              "name": "http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail/branches/SM-1_4-STABLE/squirrelmail/functions/imap_general.php?view=patch\u0026r1=13972\u0026r2=13971\u0026pathrev=13972",
              "refsource": "CONFIRM",
              "url": "http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail/branches/SM-1_4-STABLE/squirrelmail/functions/imap_general.php?view=patch\u0026r1=13972\u0026r2=13971\u0026pathrev=13972"
            },
            {
              "name": "DSA-2091",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2010/dsa-2091"
            },
            {
              "name": "APPLE-SA-2012-02-01-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html"
            },
            {
              "name": "40964",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/40964"
            },
            {
              "name": "ADV-2010-2080",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/2080"
            },
            {
              "name": "42399",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/42399"
            },
            {
              "name": "RHSA-2012:0103",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0103.html"
            },
            {
              "name": "40971",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/40971"
            },
            {
              "name": "http://squirrelmail.org/security/issue/2010-07-23",
              "refsource": "CONFIRM",
              "url": "http://squirrelmail.org/security/issue/2010-07-23"
            },
            {
              "name": "ADV-2010-2070",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/2070"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=618096",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=618096"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-2813",
    "datePublished": "2010-08-19T17:43:00.000Z",
    "dateReserved": "2010-07-22T00:00:00.000Z",
    "dateUpdated": "2024-08-07T02:46:48.556Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

GSD-2010-2813

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2010-2813

Aliases

CVE-2010-2813

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2010-2813",
    "description": "functions/imap_general.php in SquirrelMail before 1.4.21 does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading to the creation of many preferences files.",
    "id": "GSD-2010-2813",
    "references": [
      "https://www.suse.com/security/cve/CVE-2010-2813.html",
      "https://www.debian.org/security/2010/dsa-2091",
      "https://access.redhat.com/errata/RHSA-2012:0103",
      "https://linux.oracle.com/cve/CVE-2010-2813.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2010-2813"
      ],
      "details": "functions/imap_general.php in SquirrelMail before 1.4.21 does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading to the creation of many preferences files.",
      "id": "GSD-2010-2813",
      "modified": "2023-12-13T01:21:30.960970Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2010-2813",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "functions/imap_general.php in SquirrelMail before 1.4.21 does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading to the creation of many preferences files."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "FEDORA-2010-11422",
            "refsource": "FEDORA",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045383.html"
          },
          {
            "name": "http://support.apple.com/kb/HT5130",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT5130"
          },
          {
            "name": "squirrelmail-imap-dos(61124)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61124"
          },
          {
            "name": "FEDORA-2010-11410",
            "refsource": "FEDORA",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045372.html"
          },
          {
            "name": "http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail/branches/SM-1_4-STABLE/squirrelmail/functions/imap_general.php?view=patch\u0026r1=13972\u0026r2=13971\u0026pathrev=13972",
            "refsource": "CONFIRM",
            "url": "http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail/branches/SM-1_4-STABLE/squirrelmail/functions/imap_general.php?view=patch\u0026r1=13972\u0026r2=13971\u0026pathrev=13972"
          },
          {
            "name": "DSA-2091",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2010/dsa-2091"
          },
          {
            "name": "APPLE-SA-2012-02-01-1",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html"
          },
          {
            "name": "40964",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/40964"
          },
          {
            "name": "ADV-2010-2080",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2010/2080"
          },
          {
            "name": "42399",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/42399"
          },
          {
            "name": "RHSA-2012:0103",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0103.html"
          },
          {
            "name": "40971",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/40971"
          },
          {
            "name": "http://squirrelmail.org/security/issue/2010-07-23",
            "refsource": "CONFIRM",
            "url": "http://squirrelmail.org/security/issue/2010-07-23"
          },
          {
            "name": "ADV-2010-2070",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2010/2070"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=618096",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=618096"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3:r3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.0:rc1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.0_rc1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.0-r1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.9a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.6:rc1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4:rc1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.5_rc1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.15_rc1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3aa:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4_rc1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.0:rc2a:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.0_rc2a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_rc1:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.44:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.8.4fc6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.4_rc1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.10a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.15:rc1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.15rc1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3:rc1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.4:rc1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.5:rc1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.6_rc1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.6_cvs:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_rc1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_r3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.4.20",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-2813"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "functions/imap_general.php in SquirrelMail before 1.4.21 does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading to the creation of many preferences files."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-2091",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2010/dsa-2091"
            },
            {
              "name": "42399",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/42399"
            },
            {
              "name": "ADV-2010-2070",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/2070"
            },
            {
              "name": "40964",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/40964"
            },
            {
              "name": "http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail/branches/SM-1_4-STABLE/squirrelmail/functions/imap_general.php?view=patch\u0026r1=13972\u0026r2=13971\u0026pathrev=13972",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail/branches/SM-1_4-STABLE/squirrelmail/functions/imap_general.php?view=patch\u0026r1=13972\u0026r2=13971\u0026pathrev=13972"
            },
            {
              "name": "http://squirrelmail.org/security/issue/2010-07-23",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://squirrelmail.org/security/issue/2010-07-23"
            },
            {
              "name": "ADV-2010-2080",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/2080"
            },
            {
              "name": "FEDORA-2010-11422",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045383.html"
            },
            {
              "name": "40971",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/40971"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=618096",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=618096"
            },
            {
              "name": "FEDORA-2010-11410",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045372.html"
            },
            {
              "name": "APPLE-SA-2012-02-01-1",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html"
            },
            {
              "name": "http://support.apple.com/kb/HT5130",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.apple.com/kb/HT5130"
            },
            {
              "name": "RHSA-2012:0103",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0103.html"
            },
            {
              "name": "squirrelmail-imap-dos(61124)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61124"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-08-17T01:32Z",
      "publishedDate": "2010-08-19T18:00Z"
    }
  }
}

GHSA-4JQC-6M5C-WG7V

Vulnerability from github – Published: 2022-05-17 02:06 – Updated: 2022-05-17 02:06

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2010-2813"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2010-08-19T18:00:00Z",
    "severity": "MODERATE"
  },
  "details": "functions/imap_general.php in SquirrelMail before 1.4.21 does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading to the creation of many preferences files.",
  "id": "GHSA-4jqc-6m5c-wg7v",
  "modified": "2022-05-17T02:06:13Z",
  "published": "2022-05-17T02:06:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2813"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=618096"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61124"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045372.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045383.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-0103.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/40964"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/40971"
    },
    {
      "type": "WEB",
      "url": "http://squirrelmail.org/security/issue/2010-07-23"
    },
    {
      "type": "WEB",
      "url": "http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail/branches/SM-1_4-STABLE/squirrelmail/functions/imap_general.php?view=patch\u0026r1=13972\u0026r2=13971\u0026pathrev=13972"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT5130"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2010/dsa-2091"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/42399"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/2070"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/2080"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CERTA-2012-AVI-054

Vulnerability from certfr_avis - Published: 2012-02-03 - Updated: 2012-02-03

Plusieurs vulnérabilités sont présentes dans Mac OS X Lion.

Description

Plusieurs vulnérabilités existent dans Mac OS X Lion dont certaines, particulièrement critiques, permettent à une personne malintentionnée d'exécuter du code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Mac OS X Lion, versions antérieures à 10.7.3.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

FKIE_CVE-2010-2813

Vulnerability from fkie_nvd - Published: 2010-08-19 18:00 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
cve@mitre.org	http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045372.html
cve@mitre.org	http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045383.html
cve@mitre.org	http://rhn.redhat.com/errata/RHSA-2012-0103.html
cve@mitre.org	http://secunia.com/advisories/40964	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/40971	Vendor Advisory
cve@mitre.org	http://squirrelmail.org/security/issue/2010-07-23	Patch, Vendor Advisory
cve@mitre.org	http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail/branches/SM-1_4-STABLE/squirrelmail/functions/imap_general.php?view=patch&r1=13972&r2=13971&pathrev=13972
cve@mitre.org	http://support.apple.com/kb/HT5130
cve@mitre.org	http://www.debian.org/security/2010/dsa-2091
cve@mitre.org	http://www.securityfocus.com/bid/42399
cve@mitre.org	http://www.vupen.com/english/advisories/2010/2070	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2010/2080	Vendor Advisory
cve@mitre.org	https://bugzilla.redhat.com/show_bug.cgi?id=618096
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/61124
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045372.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045383.html
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-0103.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/40964	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/40971	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://squirrelmail.org/security/issue/2010-07-23	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail/branches/SM-1_4-STABLE/squirrelmail/functions/imap_general.php?view=patch&r1=13972&r2=13971&pathrev=13972
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT5130
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2010/dsa-2091
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/42399
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/2070	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/2080	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=618096
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/61124

Impacted products

Vendor	Product	Version
squirrelmail	squirrelmail	*
squirrelmail	squirrelmail	1.4
squirrelmail	squirrelmail	1.4
squirrelmail	squirrelmail	1.4.0
squirrelmail	squirrelmail	1.4.0
squirrelmail	squirrelmail	1.4.0
squirrelmail	squirrelmail	1.4.0-r1
squirrelmail	squirrelmail	1.4.0_rc1
squirrelmail	squirrelmail	1.4.0_rc2a
squirrelmail	squirrelmail	1.4.1
squirrelmail	squirrelmail	1.4.2
squirrelmail	squirrelmail	1.4.2-r1
squirrelmail	squirrelmail	1.4.2-r2
squirrelmail	squirrelmail	1.4.2-r3
squirrelmail	squirrelmail	1.4.2-r4
squirrelmail	squirrelmail	1.4.2-r5
squirrelmail	squirrelmail	1.4.3
squirrelmail	squirrelmail	1.4.3
squirrelmail	squirrelmail	1.4.3
squirrelmail	squirrelmail	1.4.3_r3
squirrelmail	squirrelmail	1.4.3_rc1
squirrelmail	squirrelmail	1.4.3_rc1
squirrelmail	squirrelmail	1.4.3a
squirrelmail	squirrelmail	1.4.3aa
squirrelmail	squirrelmail	1.4.4
squirrelmail	squirrelmail	1.4.4
squirrelmail	squirrelmail	1.4.4_rc1
squirrelmail	squirrelmail	1.4.5
squirrelmail	squirrelmail	1.4.5
squirrelmail	squirrelmail	1.4.5_rc1
squirrelmail	squirrelmail	1.4.6
squirrelmail	squirrelmail	1.4.6
squirrelmail	squirrelmail	1.4.6_cvs
squirrelmail	squirrelmail	1.4.6_rc1
squirrelmail	squirrelmail	1.4.7
squirrelmail	squirrelmail	1.4.8
squirrelmail	squirrelmail	1.4.8.4fc6
squirrelmail	squirrelmail	1.4.9
squirrelmail	squirrelmail	1.4.9a
squirrelmail	squirrelmail	1.4.10
squirrelmail	squirrelmail	1.4.10a
squirrelmail	squirrelmail	1.4.11
squirrelmail	squirrelmail	1.4.12
squirrelmail	squirrelmail	1.4.13
squirrelmail	squirrelmail	1.4.15
squirrelmail	squirrelmail	1.4.15
squirrelmail	squirrelmail	1.4.15_rc1
squirrelmail	squirrelmail	1.4.15rc1
squirrelmail	squirrelmail	1.4.16
squirrelmail	squirrelmail	1.4.17
squirrelmail	squirrelmail	1.4.18
squirrelmail	squirrelmail	1.4.19
squirrelmail	squirrelmail	1.4_rc1
squirrelmail	squirrelmail	1.44

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C85CDDA-ED8F-4878-807D-D725E83354F9",
              "versionEndIncluding": "1.4.20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "026730B8-3919-4100-8607-C640ADBDD662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "D4D1297B-EE36-46E2-8722-34F385A54751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C179A3C-8C8C-429B-BACA-8ADAE4170465",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "9C3A6CFE-CFA4-4B48-9738-063A2B1025FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.0:rc2a:*:*:*:*:*:*",
              "matchCriteriaId": "2664D22F-B0E6-48AB-BBBA-C653C1AF77A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.0-r1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F6B4BA8-1379-44CF-B87D-9DA66B5F2484",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.0_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8F869F3-6D8D-4C95-95F7-5AE42C67362B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.0_rc2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B96BB4F-12B0-460A-B5CC-8BA6D69911FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AD31177-05BB-4623-AED7-765DB7E44E47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "20247A22-9AB9-4BCE-BF28-350B52FBC62D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB0ABD26-2EA3-4884-BA0B-FFB88177CFDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCC479F3-6F3B-46CB-9D28-2DB7D76FDAE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EDC2C56-E977-452F-9263-541091356B67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B743DEC2-1ED2-4CAC-87F4-4EFDF16159FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CCE37B1-932D-4A4A-B4CA-056E26D78659",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "79E6734C-EE1C-40B6-9759-15298707A6F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3:r3:*:*:*:*:*:*",
              "matchCriteriaId": "F66D66B1-992E-4EE0-A189-0974B96FE721",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "70484027-647C-47DF-85FD-3323F4685613",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_r3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6733B8C-5A9E-45CE-8938-F39A69EB0DC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B08E51F1-3764-4146-89C1-20B9B8EE1222",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_rc1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "0F28456D-EA59-4900-AEAD-F8CB06F5129D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3a:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD4071B2-3D4F-4755-98B1-E28CEB05EA8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3aa:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4AAFE2B-77AB-4AC3-A22C-C3C256E2E45A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF6591E5-5F36-4663-85A6-9D870FD49FC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.4:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "03D847B0-DE1D-49D7-9ED4-30C0A82209AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.4_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D062B70A-E5FF-403B-8BD1-777D6462B7CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D4CFD4D-EAC3-4325-A87F-9D5F4C513208",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.5:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "A53D0058-6216-4136-8F0A-A6B4AD475DA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.5_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D58980B8-6D4B-4E90-8410-80FDD7CF15C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A884536-4D27-4350-B815-AB4E625879DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.6:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "4429B95B-273A-45F3-A066-9AF548AC3FC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.6_cvs:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CD09187-16B2-4A0C-907C-40375E865EBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.6_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7ED3CC3-E0A8-4C20-9EF7-405CD32E9EF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD89F143-EEBF-472D-9653-E7534F5799FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "796C453E-D59A-4988-BD91-24F31646D8FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.8.4fc6:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A901766-B49B-4983-98AB-880B333C284B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9851AD9-5093-4482-A632-487C6D104C9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.9a:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BA5BA42-F53A-4E0D-B04C-D70D2291E408",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "18AF3BC6-E33B-44BD-A2F6-A7F5244AA4FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.10a:*:*:*:*:*:*:*",
              "matchCriteriaId": "77776503-3258-400D-8404-233EAFA940AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "682BC5E2-F2C5-4B6F-8EF0-E05152BB9B12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABC24558-B7C1-4DE7-BC24-AF092DF0DE97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "537E4C91-91F9-469B-BF7D-5B05624D637A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "0986D113-C9F9-4645-8968-D165EC6B917D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.15:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "3893B3D9-BAA3-4FCD-BC58-C4B664E688B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.15_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B85F80F3-DC0E-4228-9FA3-D870BC2200D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.15rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCC5C975-D1EE-4248-9DA9-81C10E28B7F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8608AE1-7930-47CF-B2E8-9E86E2FB5A20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "34EB1B08-4377-4496-A278-19616238900F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BF9DF8F-368B-44A0-9258-49298E41E0E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "14735797-F6A9-42C8-9E05-9A427AD69EFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "442BF5C9-DC58-4A94-A634-33D6A4F3C6DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0C44025-C79D-4791-8EF6-3E26786E194E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "functions/imap_general.php in SquirrelMail before 1.4.21 does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading to the creation of many preferences files."
    },
    {
      "lang": "es",
      "value": "functions/imap_general.php en SquirrelMail anterior a v1.4.21 no maneja adecuadamente los caracteres de 8-bits en contrase\u00f1as, lo cual permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de disco) realizando muchos intentos de inicio de sesi\u00f3n IMAP con diferentes nombres de usuario, llevando a la creaci\u00f3n de muchos ficheros de preferencias."
    }
  ],
  "id": "CVE-2010-2813",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-08-19T18:00:05.657",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045372.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045383.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-0103.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/40964"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/40971"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://squirrelmail.org/security/issue/2010-07-23"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail/branches/SM-1_4-STABLE/squirrelmail/functions/imap_general.php?view=patch\u0026r1=13972\u0026r2=13971\u0026pathrev=13972"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.apple.com/kb/HT5130"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2010/dsa-2091"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/42399"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/2070"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/2080"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=618096"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61124"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045372.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045383.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-0103.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/40964"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/40971"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://squirrelmail.org/security/issue/2010-07-23"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail/branches/SM-1_4-STABLE/squirrelmail/functions/imap_general.php?view=patch\u0026r1=13972\u0026r2=13971\u0026pathrev=13972"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT5130"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2010/dsa-2091"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/42399"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/2070"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/2080"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=618096"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61124"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2010-2813 (GCVE-0-2010-2813)

GSD-2010-2813

GHSA-4JQC-6M5C-WG7V

CERTA-2012-AVI-054

Description

Solution

FKIE_CVE-2010-2813

Tags

Sightings

Nomenclature