CVE-2008-5514
https://notcve.org/view.php?id=CVE-2008-5514
Off-by-one error in the rfc822_output_char function in the RFC822BUFFER routines in the University of Washington (UW) c-client library, as used by the UW IMAP toolkit before imap-2007e and other applications, allows context-dependent attackers to cause a denial of service (crash) via an e-mail message that triggers a buffer overflow. Error de superación de límite en la función rfc822_output_char en las rutinas RFC822BUFFER de las bibliotecas c-client library, de la Universidad de Washinton (UW), como las utilizadas en por el Juego de herramientas UW IMAP anteriores a imap-2007e y otras aplicaciones, permiten a atacantes, despendiendo del contexto, provocar una denegación de servicio (caída) a través de un correo electrónico, que desencadene un desbordamiento de buffer. • http://secunia.com/advisories/33275 http://secunia.com/advisories/33638 http://securitytracker.com/id?1021485 http://www.mandriva.com/security/advisories?name=MDVSA-2009:146 http://www.securityfocus.com/bid/32958 http://www.vupen.com/english/advisories/2008/3490 http://www.washington.edu/imap/documentation/RELNOTES.html https://bugzilla.redhat.com/show_bug.cgi?id=477227 https://exchange.xforce.ibmcloud.com/vulnerabilities/47526 https://www.redhat.com/archives/fedora-package-announce/2009 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2008-5006
https://notcve.org/view.php?id=CVE-2008-5006
smtp.c in the c-client library in University of Washington IMAP Toolkit 2007b allows remote SMTP servers to cause a denial of service (NULL pointer dereference and application crash) by responding to the QUIT command with a close of the TCP connection instead of the expected 221 response code. smtp.c en la biblioteca c-client en University of Washington IMAP Toolkit 2007b permite a servidores SMTP remotos provocar una denegación de servicio (referencia a puntero NULL y caída de aplicación) por responder al comando QUIT con un cierre de la conexión TCP en lugar de con el código de respuesta 221 esperado. • http://secunia.com/advisories/33142 http://www.debian.org/security/2008/dsa-1685 http://www.mandriva.com/security/advisories?name=MDVSA-2009:146 http://www.openwall.com/lists/oss-security/2008/11/03/5 http://www.securityfocus.com/bid/32280 https://exchange.xforce.ibmcloud.com/vulnerabilities/46604 • CWE-399: Resource Management Errors •
CVE-2008-5005 – uw-imap: buffer overflow in dmail and tmail
https://notcve.org/view.php?id=CVE-2008-5005
Multiple stack-based buffer overflows in (1) University of Washington IMAP Toolkit 2002 through 2007c, (2) University of Washington Alpine 2.00 and earlier, and (3) Panda IMAP allow (a) local users to gain privileges by specifying a long folder extension argument on the command line to the tmail or dmail program; and (b) remote attackers to execute arbitrary code by sending e-mail to a destination mailbox name composed of a username and '+' character followed by a long string, processed by the tmail or possibly dmail program. Múltiples desbordamientos de búfer basados en pila en (1) University de Washington IMAP Toolkit 2002 hasta 2007c, (2) University de Washington Alpine 2.00 y versiones anteriores, y (3) Panda IMAP permiten (a) a usuarios locales conseguir privilegios mediante la especificación de un argumento de extensión de carpeta largo en la línea de comandos del programa tmail o dmail; y (b) a atacantes remotos ejecutar código de su elección mediante el envío de correos al nombre del buzón de destino compuesto de un nombre de usuario y el carácter "+" seguido de una cadena larga, procesado por tmail o posiblemente el programa dmail. • http://mailman2.u.washington.edu/pipermail/imap-uw/2008-October/002267.html http://mailman2.u.washington.edu/pipermail/imap-uw/2008-October/002268.html http://marc.info/?l=full-disclosure&m=122572590212610&w=4 http://panda.com/imap http://rhn.redhat.com/errata/RHSA-2009-0275.html http://secunia.com/advisories/32483 http://secunia.com/advisories/32512 http://secunia.com/advisories/33142 http://secunia.com/advisories/33996 http://securityreason.com/securityalert/4570 http:/& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2005-2933
https://notcve.org/view.php?id=CVE-2005-2933
Buffer overflow in the mail_valid_net_parse_work function in mail.c for Washington's IMAP Server (UW-IMAP) before imap-2004g allows remote attackers to execute arbitrary code via a mailbox name containing a single double-quote (") character without a closing quote, which causes bytes after the double-quote to be copied into a buffer indefinitely. • ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0081.html http://rhn.redhat.com/errata/RHSA-2006-0276.html http://rhn.redhat.com/errata/RHSA-2006-0549.html http://secunia.com/advisories/17062 http://secunia.com/advisories/17148 http://secunia.com/advisories/17152 http://secunia.com/advisories/17215 http://secunia.com/ad •
CVE-2005-0198
https://notcve.org/view.php?id=CVE-2005-0198
A logic error in the CRAM-MD5 code for the University of Washington IMAP (UW-IMAP) server, when Challenge-Response Authentication Mechanism with MD5 (CRAM-MD5) is enabled, does not properly enforce all the required conditions for successful authentication, which allows remote attackers to authenticate as arbitrary users. • http://secunia.com/advisories/14057 http://secunia.com/advisories/14097 http://securitytracker.com/id?1013037 http://www.gentoo.org/security/en/glsa/glsa-200502-02.xml http://www.kb.cert.org/vuls/id/702777 http://www.kb.cert.org/vuls/id/CRDY-68QSL5 http://www.mandriva.com/security/advisories?name=MDKSA-2005:026 http://www.redhat.com/support/errata/RHSA-2005-128.html http://www.securityfocus.com/bid/12391 https://oval.cisecurity.org/repository/search/definition/oval& •