Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Debian Security Advisory DSA 1685-1 (uw-imap)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The remote host is missing an update to uw-imap announced via advisory DSA 1685-1.
Insight
Insight
Two vulnerabilities have been found in uw-imap, an IMAP implementation. The Common Vulnerabilities and Exposures project identifies the following problems: It was discovered that several buffer overflows can be triggered via a long folder extension argument to the tmail or dmail program. This could lead to arbitrary code execution (CVE-2008-5005). It was discovered that a NULL pointer dereference could be triggered by a malicious response to the QUIT command leading to a denial of service (CVE-2008-5006). For the stable distribution (etch), these problems have been fixed in version 2002edebian1-13.1+etch1. For the unstable distribution (sid) and the testing distribution (lenny), these problems have been fixed in version 2007d~dfsg-1. We recommend that you upgrade your uw-imap packages.
Solution
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201685-1