GNU Mailutils imap4d Search Command Remote Format String

This script is Copyright (C) 2005-2011 Tenable Network Security, Inc.


Synopsis :

The remote IMAP server is affected by a format string vulnerability.

Description :

GNU Mailutils is a collection of mail utilities, including an IMAP4
daemon, a POP3 daemon, and a very simple mail client.

The remote host is running a version of GNU Mailutils containing a
format string vulnerability in its IMAP4 daemon. By exploiting these
issues, a remote attacker may be able to execute code remotely in the
context of the user executing the daemon process, typically root.

See also :

http://www.nessus.org/u?b80e544b
http://savannah.gnu.org/patch/index.php?func=detailitem&item_id=4407

Solution :

Apply the patch referenced in the vendor advisory above.

Risk factor :

Medium / CVSS Base Score : 6.5
(CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P)
CVSS Temporal Score : 5.4
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Gain a shell remotely

Nessus Plugin ID: 19605 (gnu_mailutils_search_format_string.nasl)

Bugtraq ID: 14794

CVE ID: CVE-2005-2878