GLSA-200603-04 : IMAP Proxy: Format string vulnerabilities
High Nessus Plugin ID 21021
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-200603-04 (IMAP Proxy: Format string vulnerabilities)
Steve Kemp discovered two format string errors in IMAP Proxy.
A remote attacker could design a malicious IMAP server and entice someone to connect to it using IMAP Proxy, resulting in the execution of arbitrary code with the rights of the victim user.
Only connect to trusted IMAP servers using IMAP Proxy.
SolutionAll IMAP Proxy users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=net-mail/up-imapproxy-1.2.4'