IMAP pop-2d POP Daemon FOLD Command Remote Overflow

This script is Copyright (C) 1999-2011 Tenable Network Security, Inc.


Synopsis :

The remote IMAP server is affected by a buffer overflow vulnerability.

Description :

There is a buffer overflow in the imap suite provided with Debian
GNU/Linux 2.1, which has a vulnerability in its POP-2 daemon, found in
the ipopd package. This vulnerability allows an attacker to gain a
shell as user 'nobody', but requires the attacker to have a valid pop2
account.

See also :

http://marc.info/?l=bugtraq&m=92774876916776&w=2

Solution :

Upgrade to imap-4.5 or later as this reportedly fixes the issue.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 9.5
(CVSS2#E:F/RL:U/RC:C)
Public Exploit Available : true

Family: Gain a shell remotely

Nessus Plugin ID: 10130 (ipop2d.nasl)

Bugtraq ID: 283

CVE ID: CVE-1999-0920