Red Hat Bugzilla – Bug 814671
CVE-2012-2124 squirrelmail: CVE-2010-2813 not fixed in RHSA-2012:0103
Last modified: 2013-01-08 03:02:11 EST
A Red Hat Security Advisory RHSA-2012:0103 for squirrelmail packages shipped in Red Hat Enterprise Linux 4 and 5 claim to have fixed CVE-2010-2813 issue ("CVE-2010-2813 SquirrelMail: DoS (disk space consumption) by random IMAP login attempts with 8-bit characters in the password", bug #618096). However, the patch for this issue was not applied correctly and hence the issue was not fixed as stated in the advisory.
CVE assignment notification:
This issue has been addressed in following products:
Red Hat Enterprise Linux 5
Via RHSA-2013:0126 https://rhn.redhat.com/errata/RHSA-2013-0126.html