CVE-2005-2933
CVE-2005-2933
Buffer overflow in the mail_valid_net_parse_work function in mail.c for Washington's IMAP Server (UW-IMAP) before imap-2004g allows remote attackers to execute arbitrary code via a mailbox name containing a single double-quote (") character without a closing quote, which causes bytes after the double-quote to be copied into a buffer indefinitely.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-Uftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.aschttp://archives.neohapsis.com/archives/fulldisclosure/2005-10/0081.htmlhttp://rhn.redhat.com/errata/RHSA-2006-0276.htmlhttp://rhn.redhat.com/errata/RHSA-2006-0549.htmlhttp://secunia.com/advisories/17062/http://secunia.com/advisories/17148http://secunia.com/advisories/17152http://secunia.com/advisories/17215http://secunia.com/advisories/17276http://secunia.com/advisories/17336http://secunia.com/advisories/17483