Candidate: CVE-2012-2124
PublicDate: 2013-01-18 11:48:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2124
 http://www.openwall.com/lists/oss-security/2012/04/20
Description:
 functions/imap_general.php in SquirrelMail, as used in Red Hat Enterprise
 Linux (RHEL) 4 and 5, does not properly handle 8-bit characters in
 passwords, which allows remote attackers to cause a denial of service (disk
 consumption) by making many IMAP login attempts with different usernames,
 leading to the creation of many preference files.  NOTE: this issue exists
 because of an incorrect fix for CVE-2010-2813.
Ubuntu-Description:
Notes:
 tyhicks> Red Hat specific - ignoring.
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_squirrelmail:
upstream_squirrelmail: not-affected (Red Hat only)
hardy_squirrelmail: not-affected (Red Hat only)
lucid_squirrelmail: not-affected (Red Hat only)
natty_squirrelmail: not-affected (Red Hat only)
oneiric_squirrelmail: not-affected (Red Hat only)
precise_squirrelmail: not-affected (Red Hat only)
devel_squirrelmail: DNE