This potentially allows an attacker to cause a victim's e-mail messages to be stored into an attacker's IMAP mailbox, but depends on details of the victim's client behavior.Ī flaw was found in mbsync versions prior to 1.4.4. A meddler-in-the-middle attacker can fixate their own session during the cleartext phase before a STARTTLS command (a violation of "The STARTTLS command is only valid in non-authenticated state." in RFC2595). In Alpine before 2.25, untagged responses from an IMAP server are accepted before STARTTLS.Īn issue was discovered in Citadel through webcit-932. In KDE Trojita 0.7, man-in-the-middle attackers can create new folders because untagged responses from an IMAP server are accepted before STARTTLS. This can result in Man-in -the-middle command injection attacks, leading potentially to leakage of sensible information. This affected Apache James prior to 3.6.1 We recommend upgrading to Apache James 3.6.1 or higher, which enforce the use of RE2J regular expression engine to execute regex in linear time without back-tracking.įetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH.Īpache James prior to release 3.6.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. In Apache James, using Jazzer fuzzer, we identified that an IMAP user can craft IMAP LIST commands to orchestrate a Denial Of Service using a vulnerable Regular expression. This vulnerability had been patched in Apache James 3.6.1 and higher. This affected Apache James prior to version 3.6.1. The IMAP user needs to be authenticated to exploit this vulnerability. This can be used for a Denial Of Service attack. In Apache James, while fuzzing with Jazzer the IMAP parsing stack, we discover that crafted APPEND and STATUS IMAP command could be used to trigger infinite loops resulting in expensive CPU computations and OutOfMemory exceptions. Due to an unchecked condition, a malicious or compromised IMAP server could use a crafted mail message that lacks headers (i.e., one that starts with an empty line) to provoke a heap overflow, which could conceivably be exploited for remote code execution. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only).Ī flaw was found in mbsync in isync 1.4.0 through 1.4.3. (Often, the IMAP credentials are usable to listen to voice mail messages sent before the vulnerability was exploited, in addition to new ones.) NOTE: some vendors characterize this as not a "concrete and exploitable risk."Īn improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. ** DISPUTED ** The Visual Voice Mail (VVM) application through for Android allows persistent access if an attacker temporarily controls an application that has the READ_SMS permission, and reads an IMAP credentialing message that is (by design) not displayed to the victim within the AOSP SMS/MMS messaging application. In libetpan a null pointer dereference in mailimap_mailbox_data_status_free in low-level/imap/mailimap_types.c was found that could lead to a remote denial of service or other potential consequences. This issue affects Apache James server version 3.7.2 and prior versions. Vulnerable components includes the SMTP stack and IMAP APPEND command. Usage of temporary files with insecure permissions by the Apache James server allows an attacker with local access to access private user data in transit. The only known workaround for this issue is to completely disable the nextcloud mail app.Ī 2-Step Verification problem in Axigen 10.3.3.52 allows an attacker to access a mailbox by bypassing 2-Step Verification when they try to add an account to any third-party webmail service (or add an account to Outlook or Gmail, etc.) with IMAP or POP3 without any verification code. It is recommended that the Nextcloud Maill app is upgraded to 1.15.0 or 2.2.2. In affected versions the SMTP, IMAP and Sieve host fields allowed to scan for internal services and servers reachable from within the local network of the Nextcloud Server. Nextcloud mail is an email app for the nextcloud home server platform.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |