Vulnerabilities > CVE-2002-0379 - Unspecified vulnerability in University of Washington Uw-Imap

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
university-of-washington
nessus
exploit available

Summary

Buffer overflow in University of Washington imap server (uw-imapd) imap-2001 (imapd 2001.315) and imap-2001a (imapd 2001.315) with legacy RFC 1730 support, and imapd 2000.287 and earlier, allows remote authenticated users to execute arbitrary code via a long BODY request.

Exploit-Db

  • descriptionWu-imapd 2000/2001 Partial Mailbox Attribute Remote Buffer Overflow Vulnerability (2). CVE-2002-0379. Remote exploit for linux platform
    idEDB-ID:21443
    last seen2016-02-02
    modified2002-05-10
    published2002-05-10
    reporter0x3a0x29 crew
    sourcehttps://www.exploit-db.com/download/21443/
    titleWu-imapd 2000/2001 Partial Mailbox Attribute Remote Buffer Overflow Vulnerability 2
  • descriptionWu-imapd 2000/2001 Partial Mailbox Attribute Remote Buffer Overflow Vulnerability (1). CVE-2002-0379. Remote exploit for linux platform
    idEDB-ID:21442
    last seen2016-02-02
    modified2002-05-10
    published2002-05-10
    reporterkorty
    sourcehttps://www.exploit-db.com/download/21442/
    titleWu-imapd 2000/2001 Partial Mailbox Attribute Remote Buffer Overflow Vulnerability 1

Nessus

  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2002-034.NASL
    descriptionA buffer overflow was discovered in the imap server that could allow a malicious user to run code on the server with the uid and gid of the email owner by constructing a malformed request that would trigger the buffer overflow. However, the user must successfully authenticate to the imap service in order to exploit it, which limits the scope of the vulnerability somewhat, unless you are a free mail provider or run a mail service where users do not already have shell access to the system.
    last seen2020-06-01
    modified2020-06-02
    plugin id13940
    published2004-07-31
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/13940
    titleMandrake Linux Security Advisory : imap (MDKSA-2002:034)
  • NASL familyGain a shell remotely
    NASL idIMAP_BODY_OVERFLOW.NASL
    descriptionThe remote version of UW-IMAP is vulnerable to a buffer overflow condition that could allow an authenticated attacker to execute arbitrary code on the remote host with the privileges of the IMAP server.
    last seen2020-06-01
    modified2020-06-02
    plugin id10966
    published2002-05-29
    reporterThis script is Copyright (C) 2002-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/10966
    titleUniversity of Washington imap Server (uw-imapd) BODY Request Remote Overflow

Redhat

advisories
rhsa
idRHSA-2002:092