CVE-2008-5005

uw-imap: buffer overflow in dmail and tmail

  • Severity Score: 10.0 (CVSS v2)
  • Exploit Likelihood (EPSS):
  • Affected Versions (CPE):
  • Public Exploits: 0 (Multiple Sources)
  • Exploited in Wild: - (KEV)
  • Decision: - (SSVC)

Descriptions

Multiple stack-based buffer overflows in (1) University of Washington IMAP Toolkit 2002 through 2007c, (2) University of Washington Alpine 2.00 and earlier, and (3) Panda IMAP allow (a) local users to gain privileges by specifying a long folder extension argument on the command line to the tmail or dmail program; and (b) remote attackers to execute arbitrary code by sending e-mail to a destination mailbox name composed of a username and '+' character followed by a long string, processed by the tmail or possibly dmail program.

*Credits: N/A
CVSS Scores
  • Attack Vector: Network
  • Attack Complexity: Low
  • Authentication: None
  • Confidentiality: Complete
  • Integrity: Complete
  • Availability: Complete
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2008-11-10 CVE Reserved
  • 2008-11-10 CVE Published
  • 2024-02-15 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (29)
Affected Vendors, Products, and Versions
Vendor                    Product       Version   Other  Status
University Of Washington  Alpine        0.80      -      Affected
University Of Washington  Alpine        0.81      -      Affected
University Of Washington  Alpine        0.82      -      Affected
University Of Washington  Alpine        0.83      -      Affected
University Of Washington  Alpine        0.98      -      Affected
University Of Washington  Alpine        0.99      -      Affected
University Of Washington  Alpine        0.999     -      Affected
University Of Washington  Alpine        0.9999    -      Affected
University Of Washington  Alpine        0.99999   -      Affected
University Of Washington  Alpine        0.999999  -      Affected
University Of Washington  Alpine        1.00      -      Affected
University Of Washington  Alpine        1.10      -      Affected
University Of Washington  Alpine        2.00      -      Affected
University Of Washington  Imap Toolkit  2002      -      Affected
University Of Washington  Imap Toolkit  2003      -      Affected
University Of Washington  Imap Toolkit  2004      -      Affected
University Of Washington  Imap Toolkit  2005      -      Affected
University Of Washington  Imap Toolkit  2006      -      Affected
University Of Washington  Imap Toolkit  2007      -      Affected
University Of Washington  Imap Toolkit  2007c     -      Affected