Published: 26/05/2005 Updated: 05/09/2008

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Format string vulnerability in imap4d server in GNU Mailutils 0.5 and 0.6, and other versions prior to 0.6.90, allows remote malicious users to execute arbitrary code via format string specifiers in the command tag for IMAP commands.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gnu mailutils 0.5
gnu mailutils 0.6

"infamous41md" discovered several vulnerabilities in the GNU mailutils package which contains utilities for handling mail These problems can lead to a denial of service or the execution of arbitrary code The Common Vulnerabilities and Exposures project identifies the following vulnerabilities CAN-2005-1520 Buffer overflow mail header handli ...

/* mu-imap4d_fsexpc * * GNU Mailutils imap4d v06 remote format string exploit * by CoKi <coki@nosystemcomar> * * Original Reference: * wwwidefensecom/application/poi/display?id=246&type=vulnerabilities * * coki@nosystem:/home/coki/audit$ /mu-imap4d_fsexp * * GNU Mailutils imap4d v06 remote format string exploit ...

NVD-CWE-Other http://www.idefense.com/application/poi/display?id=246&type=vulnerabilities http://www.securityfocus.com/bid/13764 http://secunia.com/advisories/15442 http://www.debian.org/security/2005/dsa-732 http://securitytracker.com/id?1014052 https://nvd.nist.gov https://www.debian.org/security/./dsa-732 https://www.exploit-db.com/exploits/1123/

CVE-2005-1523

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect