Vulnerabilities > CVE-2005-2878 - Remote Format String vulnerability in GNU Mailutils 0.6
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Format string vulnerability in search.c in the imap4d server in GNU Mailutils 0.6 allows remote authenticated users to execute arbitrary code via format string specifiers in the SEARCH command.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description GNU Mailutils imap4d 0.6 (search) Remote Format String Exploit (fbsd). CVE-2005-2878. Remote exploit for bsd platform id EDB-ID:1234 last seen 2016-01-31 modified 2005-09-26 published 2005-09-26 reporter Angelo Rosiello source https://www.exploit-db.com/download/1234/ title GNU Mailutils imap4d 0.6 search Remote Format String Exploit fbsd description GNU Mailutils imap4d 0.6 (search) Remote Format String Exploit. CVE-2005-2878. Remote exploit for linux platform id EDB-ID:1209 last seen 2016-01-31 modified 2005-09-10 published 2005-09-10 reporter Clément Lecigne source https://www.exploit-db.com/download/1209/ title GNU Mailutils imap4d 0.6 search Remote Format String Exploit
Nessus
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-841.NASL description A format string vulnerability has been discovered in GNU mailutils which contains utilities for handling mail that allows a remote attacker to execute arbitrary code on the IMAP server. last seen 2020-06-01 modified 2020-06-02 plugin id 19845 published 2005-10-05 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/19845 title Debian DSA-841-1 : mailutils - format string vulnerability NASL family Gain a shell remotely NASL id GNU_MAILUTILS_SEARCH_FORMAT_STRING.NASL description GNU Mailutils is a collection of mail utilities, including an IMAP4 daemon, a POP3 daemon, and a very simple mail client. The remote host is running a version of GNU Mailutils containing a format string vulnerability in its IMAP4 daemon. By exploiting these issues, a remote attacker may be able to execute code remotely in the context of the user executing the daemon process, typically root. last seen 2020-06-01 modified 2020-06-02 plugin id 19605 published 2005-09-09 reporter This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/19605 title GNU Mailutils imap4d Search Command Remote Format String NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200509-10.NASL description The remote host is affected by the vulnerability described in GLSA-200509-10 (Mailutils: Format string vulnerability in imap4d) The imap4d server contains a format string bug in the handling of IMAP SEARCH requests. Impact : An authenticated IMAP user could exploit the format string error in imap4d to execute arbitrary code as the imap4d user, which is usually root. Workaround : There are no known workarounds at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 19742 published 2005-09-17 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/19742 title GLSA-200509-10 : Mailutils: Format string vulnerability in imap4d
References
- http://marc.info/?l=bugtraq&m=112785181316043&w=2
- http://savannah.gnu.org/patch/index.php?func=detailitem&item_id=4407
- http://secunia.com/advisories/16783
- http://secunia.com/advisories/17020
- http://www.debian.org/security/2005/dsa-841
- http://www.gentoo.org/security/en/glsa/glsa-200509-10.xml
- http://www.idefense.com/application/poi/display?id=303&type=vulnerabilities&flashstatus=true
- http://www.rosiello.org/archivio/imap4d_FreeBSD_exploit.c
- http://www.securityfocus.com/bid/14794