Ubuntu Security Notice 3457-1 - Brian Carpenter discovered that curl incorrectly handled IMAP FETCH response lines. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code.

Red Hat Security Advisory 2017-3263-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: A buffer overrun flaw was found in the IMAP handler of libcurl. By tricking an unsuspecting user into connecting to a malicious IMAP server, an attacker could exploit this flaw to potentially cause information disclosure or crash the application.

Debian Linux Security Advisory 4181-1 - Andrea Basile discovered that the 'archive' plugin in roundcube, a skinnable AJAX based webmail solution for IMAP servers, does not properly sanitize a user-controlled parameter, allowing a remote attacker to inject arbitrary IMAP commands and perform malicious actions.

Malbait is a honeypot written in perl. It creates fake servers and supports both TCP and UDP protocols, either singly or in combination. It outputs in CSV format as well as giving more detailed text reports. You can serve fake Telnet, FTP, SMTP, POP3, HTTP, TR-69, IMAP, asciitime, systat and echo servers, as well as serving blank or random output.

Ubuntu Security Notice 3724-1 - Jon Kristensen discovered that Evolution Data Server would automatically downgrade a connection to an IMAP server if the IMAP server did not support SSL. This would result in the user's password being unexpectedly sent in clear text, even though the user had requested to use SSL.

Red Hat Security Advisory 2018-2526-01 - Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP. Issues addressed include code execution and traversal vulnerabilities.

PHP version 5.2.3 (Debian) suffers from an imap imap_open disable functions bypass vulnerability.

Debian Linux Security Advisory 4344-1 - Aidan Marlin discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, is prone to a cross-site scripting vulnerability in handling invalid style tag content.

The imap_open function within PHP, if called without the /norsh flag, will attempt to preauthenticate an IMAP session. On Debian based systems, including Ubuntu, rsh is mapped to the ssh binary. Ssh's ProxyCommand option can be passed from imap_open to execute arbitrary commands. While many custom applications may use imap_open, this exploit works against the following applications: e107 v2, prestashop, SuiteCRM, as well as Custom, which simply prints the exploit strings for use. Prestashop exploitation requires the admin URI, and administrator credentials. suiteCRM/e107/hostcms require administrator credentials.

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Debian Linux Security Advisory 4458-1 - A flaw was discovered in the CalDAV feature in httpd of the Cyrus IMAP server, leading to denial of service or potentially the execution of arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name.

Red Hat Security Advisory 2019-1771-01 - The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and SIEVE support. Issues addressed include a buffer overflow vulnerability.

Debian Linux Security Advisory 4510-1 - Nick Roessler and Rafi Rubin discovered that the IMAP and ManageSieve protocol parsers in the Dovecot email server do not properly validate input (both pre- and post-login). A remote attacker can take advantage of this flaw to trigger out of bounds heap memory writes, leading to information leaks or potentially the execution of arbitrary code.

Red Hat Security Advisory 2019-2799-01 - Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a focus on high concurrency, performance and low memory usage. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2019-2822-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include an out of bounds write vulnerability.

Red Hat Security Advisory 2019-2836-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include an out of bounds write vulnerability.

Red Hat Security Advisory 2019-2885-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include an out of bounds write vulnerability.

Ubuntu Security Notice 4160-1 - It was discovered that UW IMAP incorrectly handled inputs. A remote attacker could possibly use this issue to execute arbitrary OS commands.

Red Hat Security Advisory 2019-3467-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. An improper certificate validation flaw was addressed.

Debian Linux Security Advisory 4590-1 - It was discovered that the lmtpd component of the Cyrus IMAP server created mailboxes with administrator privileges if the "fileinto" was used, bypassing ACL checks.

Red Hat Security Advisory 2020-1126-01 - Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP. Issues addressed include a traversal vulnerability.

Red Hat Security Advisory 2020-1062-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include a buffer overflow vulnerability.