Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2008-5005
Description:Multiple stack-based buffer overflows in (1) University of Washington IMAP Toolkit 2002 through 2007c, (2) University of Washington Alpine 2.00 and earlier, and (3) Panda IMAP allow (a) local users to gain privileges by specifying a long folder extension argument on the command line to the tmail or dmail program; and (b) remote attackers to execute arbitrary code by sending e-mail to a destination mailbox name composed of a username and '+' character followed by a long string, processed by the tmail or possibly dmail program.
Test IDs: 1.3.6.1.4.1.25623.1.0.63419   1.3.6.1.4.1.25623.1.0.63481   1.3.6.1.4.1.25623.1.0.63432   1.3.6.1.4.1.25623.1.0.800150   1.3.6.1.4.1.25623.1.0.800149   1.3.6.1.4.1.25623.1.0.880714  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2008-5005
BugTraq ID: 32072
http://www.securityfocus.com/bid/32072
Bugtraq: 20081103 Bitsec Security Advisory: UW/Panda IMAP [dt]mail buffer overflow (Google Search)
http://www.securityfocus.com/archive/1/498002/100/0/threaded
Debian Security Information: DSA-1685 (Google Search)
http://www.debian.org/security/2008/dsa-1685
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00058.html
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00082.html
http://marc.info/?l=full-disclosure&m=122572590212610&w=4
http://www.mandriva.com/security/advisories?name=MDVSA-2009:146
http://www.bitsec.com/en/rad/bsa-081103.c
http://www.bitsec.com/en/rad/bsa-081103.txt
http://www.washington.edu/alpine/tmailbug.html
http://mailman2.u.washington.edu/pipermail/imap-uw/2008-October/002267.html
http://mailman2.u.washington.edu/pipermail/imap-uw/2008-October/002268.html
http://www.openwall.com/lists/oss-security/2008/11/03/3
http://www.openwall.com/lists/oss-security/2008/11/03/4
http://www.openwall.com/lists/oss-security/2008/11/03/5
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10485
RedHat Security Advisories: RHSA-2009:0275
http://rhn.redhat.com/errata/RHSA-2009-0275.html
http://securitytracker.com/id?1021131
http://secunia.com/advisories/32483
http://secunia.com/advisories/32512
http://secunia.com/advisories/33142
http://secunia.com/advisories/33996
http://securityreason.com/securityalert/4570
http://www.vupen.com/english/advisories/2008/3042
XForce ISS Database: uwimapd-tmail-bo(46281)
https://exchange.xforce.ibmcloud.com/vulnerabilities/46281




© 1998-2024 E-Soft Inc. All rights reserved.