2 results (0.001 seconds)

CVSS: 7.5EPSS: 32%CPEs: 7EXPL: 0

Buffer overflow in the mail_valid_net_parse_work function in mail.c for Washington's IMAP Server (UW-IMAP) before imap-2004g allows remote attackers to execute arbitrary code via a mailbox name containing a single double-quote (") character without a closing quote, which causes bytes after the double-quote to be copied into a buffer indefinitely. • ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0081.html http://rhn.redhat.com/errata/RHSA-2006-0276.html http://rhn.redhat.com/errata/RHSA-2006-0549.html http://secunia.com/advisories/17062 http://secunia.com/advisories/17148 http://secunia.com/advisories/17152 http://secunia.com/advisories/17215 http://secunia.com/ad •

CVSS: 7.5EPSS: 32%CPEs: 4EXPL: 2

Buffer overflow in University of Washington imap server (uw-imapd) imap-2001 (imapd 2001.315) and imap-2001a (imapd 2001.315) with legacy RFC 1730 support, and imapd 2000.287 and earlier, allows remote authenticated users to execute arbitrary code via a long BODY request. • https://www.exploit-db.com/exploits/21442 https://www.exploit-db.com/exploits/21443 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-021.0.txt http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000487 http://marc.info/?l=bugtraq&m=102107222100529&w=2 http://online.securityfocus.com/advisories/4167 http://www.iss.net/security_center/static/9055.php http://www.kb.cert.org/vuls/id/961489 http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-034.php •