Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2005-2878

Published: 13/09/2005 Updated: 18/10/2016
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 765
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Mailutils

Vulnerability Summary

Format string vulnerability in search.c in the imap4d server in GNU Mailutils 0.6 allows remote authenticated users to execute arbitrary code via format string specifiers in the SEARCH command.

Vulnerable Product Search on Vulmon Subscribe to Product

gnu mailutils 0.6

Exploits

Exploit DB: GNU Mailutils imap4d 0.6 - exec-shield Remote Format String
/* ** ** Fedora Core 6 (exec-shield) based ** GNU imap4d mailutils-06 search remote format string exploit ** by Xpl017Elz ** ** Advanced exploitation in exec-shield (Fedora Core case study) ** URL: x82inetcoporg/h0me/papers/FC_exploit/FC_exploittxt ** ** Reference: wwwsecurityfocuscom/bid/14794 (2005/09/09) ** labsidefen ...
Exploit DB: GNU Mailutils imap4d 0.6 (FreeBSD) - 'Search' Remote Format String
/* * Copyright (c) 2005 Rosiello Security * wwwrosielloorg * * Permission is granted for the redistribution of this software * electronically It may not be edited in any way without the express * written consent of Rosiello Security * * Disclaimer: The author published the information under the condition * that is not in the intention o ...
Exploit DB: GNU Mailutils imap4d 0.6 - 'Search' Remote Format String
/* * GNU Mailutils 06 imap4d 'search' format string exploit * Ref: wwwidefensecom/application/poi/display?id=303&type=vulnerabilities * * This silly exploit uses hardcoded values taken from GNU/Debian testing (etch) * * $ /imap4d_search_expl -h 127001 -p 143 -u clem1 -s PROUT * [+] GNU Mailutils 06 imap4d 'search' format s ...

References

NVD-CWE-Otherhttp://www.idefense.com/application/poi/display?id=303&type=vulnerabilities&flashstatus=truehttp://savannah.gnu.org/patch/index.php?func=detailitem&item_id=4407http://www.gentoo.org/security/en/glsa/glsa-200509-10.xmlhttp://www.rosiello.org/archivio/imap4d_FreeBSD_exploit.chttp://www.debian.org/security/2005/dsa-841http://secunia.com/advisories/16783http://secunia.com/advisories/17020http://www.securityfocus.com/bid/14794http://marc.info/?l=bugtraq&m=112785181316043&w=2https://nvd.nist.govhttps://www.exploit-db.com/exploits/3787/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypassCVE-2024-30051remoteCVE-2024-27954CVE-2023-51483CVE-2023-47782SSRFCVE-2024-24715CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook