Published: 20/07/1998 Updated: 09/09/2008
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Arbitrary command execution via IMAP buffer overflow in authenticate command.


source: wwwsecurityfocuscom/bid/130/info A vulnerability exists in certain imapd implementations that allow an attacker to execute arbitrary code remotely In certain instances, the code to be executed will be run with root privilege Imap supports a command 'AUTHENTICATE' which specifies the type of authentication mechanism to be used t ...

Github Repositories

Command line client for CVEs

GoCVE GoCVE is a command line client that provides CVE info (queried from a local database) GoCVE provides simple commands to download and populate a DB(postgres or sqlite) which you can then use to list, search or get CVE info from GoCVE is a single binary that was tested on linux Usage Configure the GoCVE tool The configs you set will be written out to a config file at ~/