exploit the possibilities

Register | Login

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 1 of 1

Files

Mandriva Linux Security Advisory 2010-120: Posted Jun 23, 2010; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2010-120 - A vulnerability was reported in the SquirrelMail Mail Fetch plugin, wherein (when the plugin is activated by the administrator) a user is allowed to specify (without restriction) any port number for their external POP account settings. While the intention is to allow users to access POP3 servers using non-standard ports, this also allows malicious users to effectively port-scan any server through their SquirrelMail service (especially note that when a SquirrelMail server resides on a network behind a firewall, it may allow the user to explore the network topography (DNS scan) and services available (port scan) on the inside of (behind) that firewall. As this vulnerability is only exploitable post-authentication, and better more specific port scanning tools are freely available, we consider this vulnerability to be of very low severity. It has been fixed by restricting the allowable POP port numbers. The updated packages have been patched to correct this issue.; tags | advisory; systems | linux, mandriva; advisories | CVE-2010-1637; SHA-256 | c1ce6e51e0ff12140212416d19ef3ad63953447820df46e81f81e6daad09bd74; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

Recent News

Google Patches Critical Chrome Vulnerability: Posted Apr 24, 2024; tags | headline, flaw, google, patch, chrome; Favorite | View

Hackers Are Using Developing Countries For Ransomware Practice: Posted Apr 24, 2024; tags | headline, hacker, malware, cybercrime, fraud, cryptography; Favorite | View

Authorities Investigate LabHost Users After Phishing Service Shutdown: Posted Apr 23, 2024; tags | headline, cybercrime, fraud, phish; Favorite | View

Windows Vulnerability Reported By The NSA Exploited To Install Russian Malware: Posted Apr 23, 2024; tags | headline, government, microsoft, usa, russia, flaw, cyberwar, spyware, nsa; Favorite | View

UnitedHealth Admits Breach Could Cover Substantial Proportion Of People In America: Posted Apr 23, 2024; tags | headline, hacker, privacy, data loss; Favorite | View

Microsoft DRM Hack Could Allow Movie Downloads From Streaming: Posted Apr 23, 2024; tags | headline, microsoft, flaw, pirate; Favorite | View

Over A Million Neighbourhood Watch Members Exposed: Posted Apr 23, 2024; tags | headline, privacy, britain, data loss; Favorite | View

MITRE Hacked By State Sponsored Group Via Ivanti Zero Days: Posted Apr 23, 2024; tags | headline, hacker, government; Favorite | View

Russia's Sandworm APT Linked To Attack On Texas Water Plant: Posted Apr 18, 2024; tags | headline, malware, usa, russia, cyberwar, scada; Favorite | View

EU Tells Meta It Can't Paywall Privacy: Posted Apr 18, 2024; tags | headline, government, privacy, facebook, social; Favorite | View

View More News →

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Services: Security Services
Hosting By: Rokasec