Vulnerabilities > CVE-1999-1224 - Unspecified vulnerability in University of Washington Imapd 4.1

CVSS 3.6 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

PARTIAL

local

low complexity

university-of-washington

NVD

Published: 1997-10-08

Updated: 2017-12-19

Summary

IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a core dump that may contain sensitive password information.

Vulnerable Configurations

Part	Description	Count
Application	University_Of_Washington University OF Washington Imapd * University OF Washington Imapd 4.1	2

References

http://marc.info/?l=bugtraq&m=87635124302928&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/349