Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2010-2813

functions/imap_general.php in SquirrelMail before 1.4.21 does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading to the creation of many preferences files.

Published

2010-08-19T18:00:05.657

Last Modified

2025-04-11T00:51:21.963

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.0 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: PARTIAL
Exploitability Score

10.0

Impact Score

2.9

Weaknesses
  • Type: Primary
    CWE-399
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application squirrelmail squirrelmail ≤ 1.4.20 Yes
Application squirrelmail squirrelmail 1.4 Yes
Application squirrelmail squirrelmail 1.4 Yes
Application squirrelmail squirrelmail 1.4.0 Yes
Application squirrelmail squirrelmail 1.4.0 Yes
Application squirrelmail squirrelmail 1.4.0 Yes
Application squirrelmail squirrelmail 1.4.0-r1 Yes
Application squirrelmail squirrelmail 1.4.0_rc1 Yes
Application squirrelmail squirrelmail 1.4.0_rc2a Yes
Application squirrelmail squirrelmail 1.4.1 Yes
Application squirrelmail squirrelmail 1.4.2 Yes
Application squirrelmail squirrelmail 1.4.2-r1 Yes
Application squirrelmail squirrelmail 1.4.2-r2 Yes
Application squirrelmail squirrelmail 1.4.2-r3 Yes
Application squirrelmail squirrelmail 1.4.2-r4 Yes
Application squirrelmail squirrelmail 1.4.2-r5 Yes
Application squirrelmail squirrelmail 1.4.3 Yes
Application squirrelmail squirrelmail 1.4.3 Yes
Application squirrelmail squirrelmail 1.4.3 Yes
Application squirrelmail squirrelmail 1.4.3_r3 Yes
Application squirrelmail squirrelmail 1.4.3_rc1 Yes
Application squirrelmail squirrelmail 1.4.3_rc1 Yes
Application squirrelmail squirrelmail 1.4.3a Yes
Application squirrelmail squirrelmail 1.4.3aa Yes
Application squirrelmail squirrelmail 1.4.4 Yes
Application squirrelmail squirrelmail 1.4.4 Yes
Application squirrelmail squirrelmail 1.4.4_rc1 Yes
Application squirrelmail squirrelmail 1.4.5 Yes
Application squirrelmail squirrelmail 1.4.5 Yes
Application squirrelmail squirrelmail 1.4.5_rc1 Yes
Application squirrelmail squirrelmail 1.4.6 Yes
Application squirrelmail squirrelmail 1.4.6 Yes
Application squirrelmail squirrelmail 1.4.6_cvs Yes
Application squirrelmail squirrelmail 1.4.6_rc1 Yes
Application squirrelmail squirrelmail 1.4.7 Yes
Application squirrelmail squirrelmail 1.4.8 Yes
Application squirrelmail squirrelmail 1.4.8.4fc6 Yes
Application squirrelmail squirrelmail 1.4.9 Yes
Application squirrelmail squirrelmail 1.4.9a Yes
Application squirrelmail squirrelmail 1.4.10 Yes
Application squirrelmail squirrelmail 1.4.10a Yes
Application squirrelmail squirrelmail 1.4.11 Yes
Application squirrelmail squirrelmail 1.4.12 Yes
Application squirrelmail squirrelmail 1.4.13 Yes
Application squirrelmail squirrelmail 1.4.15 Yes
Application squirrelmail squirrelmail 1.4.15 Yes
Application squirrelmail squirrelmail 1.4.15_rc1 Yes
Application squirrelmail squirrelmail 1.4.15rc1 Yes
Application squirrelmail squirrelmail 1.4.16 Yes
Application squirrelmail squirrelmail 1.4.17 Yes
Application squirrelmail squirrelmail 1.4.18 Yes
Application squirrelmail squirrelmail 1.4.19 Yes
Application squirrelmail squirrelmail 1.4_rc1 Yes
Application squirrelmail squirrelmail 1.44 Yes
References