| GEN:SID | 1:297 |
| Message | IMAP EXPLOIT x86 linux overflow |
| Summary | This event is triggered when an attempt is made to overflow an imapd server. |
| Impact | Commands may be run on the IMAP server as the root user, This can lead to a complete compromise of the targeted system |
| Detailed Information | Failure to check the size of the value passed to the 'AUTHENTICATE' command on certain IMAPD implementations can lead to a buffer overflow. This in turn can allow arbitrary commands to be executed on the server. |
| Affected Systems | Netscape Messaging Server 3.55, University of Washington imapd 10.234 |
| Attack Scenarios | An attacker may attempt to exploit a vulnerable imapd server, permitting the execution of arbitrary commands possibly with the privilege of user "root". |
| Ease of Attack | Simple. Sample exploit code is available. |
| Corrective Action | Vendors have provided updated versions, upgrading will resolve this problem |
| Additional References | |
| Rule References | bugtraq: 130
cve: 1999-0005
|