IMAP: Wu-IMAPd Mailbox Buffer Overflow
This signature detects attempts to exploit a known vulnerability against Washington University wu-imapd 2004g. Attackers can send a maliciously crafted mailbox name in a request to execute arbitrary code on the host; however a valid IMAP username and login are still required.
Extended Description
University of Washington IMAP is prone to a buffer-overflow vulnerability. This issue is exposed when the application parses mailbox names. If successful, an attacker may execute arbitrary code in the context of the server process. Note that to exploit this issue, the attacker must first authenticate to the service.
Affected Products
Avaya s8500,University_of_washington imap
Short Name
IMAP:OVERFLOW:WUIMAPD-MBOX-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
IMAP
Keywords
Buffer CVE-2005-2933 Mailbox Overflow Wu-IMAPd bid:15009
Release Date
10/31/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Red_hat
Conectiva
Suse
Gentoo
Trustix
Avaya
Sgi
Slackware
Mandriva
University_of_washington
Debian
CVSS Score
7.5