Qualcomm WorldMail Multiple IMAP Command Remote Overflow

high Nessus Plugin ID 20336

Synopsis

It is possible to execute code on the remote IMAP server.

Description

The remote host is running a version of Qualcomm WorldMail's IMAP service that is prone to a buffer overflow attack triggered when processing a long command with a closing brace.

An attacker can exploit this flaw to execute arbitrary code subject to the privileges of the affected application.

Solution

Unknown at this time.

See Also

https://seclists.org/fulldisclosure/2005/Dec/1037

http://www.nessus.org/u?955a6b52

Plugin Details

Severity: High

ID: 20336

File Name: worldmail_overflow.nasl

Version: 1.16

Type: remote

Published: 12/20/2005

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.0

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Excluded KB Items: imap/false_imap

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 12/20/2005

Exploitable With

CANVAS (CANVAS)

Metasploit (Qualcomm WorldMail 3.0 IMAPD LIST Buffer Overflow)

Reference Information

CVE: CVE-2005-4267

BID: 15980