UW-IMAP < 2007e c-client Library Overflow
Medium Nessus Network Monitor Plugin ID 4798
SynopsisThe remote host is vulnerable to a buffer overflow.
DescriptionThere is a flaw in the remote UW-IMAP server that allows a remote user to execute arbitrary code on the server. The flaw is in the way that UW-IMAP handles malformed data sent to the 'rfc822_output_char' function of the 'c-client' library. An attacker exploiting this flaw would only need the ability to send malformed data to the server process.
SolutionUpgrade to version 2007e or higher.