IMAP: Command Line Format String
This signature detects attempts to exploit format string vulnerabilities through IMAP. Attackers can send malformed commands prior to authentication. A successful attack can allow execution of arbitrary code.
Extended Description
Courier-IMAP is reported to be susceptible to a remote format string vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input before using it as the format specifier in a formatted printing function. Successful exploitation of this issue will allow an attacker to execute arbitrary code on the affected computer with the privileges of the user that the IMAP daemon runs as. This vulnerability is exploitable prior to authentication. Courier-IMAP versions 1.6.0 through to 2.2.1 are reported vulnerable. Other versions may also be vulnerable.
Affected Products
Inter7 courier-imap
Short Name
IMAP:EXPLOIT:CMD-FORMAT-STRING
Severity
Major
Recommended
False
Recommended Action
Drop
Category
IMAP
Keywords
CVE-2004-0777 CVE-2005-2878 Command Format Line String bid:10976 bid:14794
Release Date
09/06/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Inter7
CVSS Score
7.5