UoW imapd AUTHENTICATE Command Remote Overflow

Critical Nessus Plugin ID 10292


It is possible to execute code on the remote IMAP server.


It was possible to crash the remote IMAP server by sending a too long AUTHENTICATE command.
An attacker may be able to exploit this vulnerability to execute code on the remote host.


Contact your IMAP server vendor.

Plugin Details

Severity: Critical

ID: 10292

File Name: uw_imap_overflow.nasl

Version: $Revision: 1.30 $

Type: remote

Published: 1999/06/22

Modified: 2011/03/11

Dependencies: 10125, 17975

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 9.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:U/RC:ND

Vulnerability Information

Excluded KB Items: imap/false_imap

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 1998/07/17

Reference Information

CVE: CVE-1999-0005

BID: 130

OSVDB: 911