FreeBSD : imap-uw -- mailbox name handling remote buffer vulnerability (1f6e2ade-35c2-11da-811d-0050bf27ba24)

This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

FrSIRT reports :

A vulnerability has been identified in UW-IMAP, which could be
exploited by remote attackers to execute arbitrary commands. This flaw
is due to a stack overflow error in the 'mail_valid_net_parse_work()'
[src/c-client/mail.c] function that does not properly handle specially
crafted mailbox names containing a quote (') character, which could be
exploited by authenticated remote attackers to execute arbitrary
commands with the privileges of the IMAP server.

See also :

http://www.frsirt.com/english/advisories/2005/1953
http://www.nessus.org/u?4bf53403
http://www.washington.edu/imap/documentation/RELNOTES.html
http://www.nessus.org/u?6422f553

Solution :

Update the affected package.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 21396 (freebsd_pkg_1f6e2ade35c211da811d0050bf27ba24.nasl)

Bugtraq ID:

CVE ID: CVE-2005-2933

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now