CVE-2005-2933 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2005-2933
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-2933

Description: Buffer overflow in the mail_valid_net_parse_work function in mail.c for Washington's IMAP Server (UW-IMAP) before imap-2004g allows remote attackers to execute arbitrary code via a mailbox name containing a single double-quote (") character without a closing quote, which causes bytes after the double-quote to be copied into a buffer indefinitely.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/22518 SUSE http://www.novell.com/linux/security/advisories/2005_23_sr.html ST 1015000 SREASON http://securityreason.com/securityalert/47 SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.500161 SGI SAID Secunia Advisory: SA17276 Secunia Advisory: SA17148 Secunia Advisory: SA17152 Secunia Advisory: SA18554 Secunia Advisory: SA17483 Secunia Advisory: SA17928 Secunia Advisory: SA17062 Secunia Advisory: SA17930 Secunia Advisory: SA17950 Secunia Advisory: SA17215 Secunia Advisory: SA17336 Secunia Advisory: SA19832 Secunia Advisory: SA20222 Secunia Advisory: SA20951 Secunia Advisory: SA21252 Secunia Advisory: SA21564 Secunia Advisory: SA20210 REDHAT http://rhn.redhat.com/errata/RHSA-2006-0549.html http://www.redhat.com/support/errata/RHSA-2006-0501.html http://rhn.redhat.com/errata/RHSA-2006-0276.html http://www.redhat.com/support/errata/RHSA-2005-848.html http://www.redhat.com/support/errata/RHSA-2005-850.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2005:189 http://frontal2.mandriva.com/security/advisories?name=MDKSA-2005:194 IDEFENSE http://www.idefense.com/application/poi/display?id=313&type=vulnerabilities&flashstatus=true GENTOO http://www.gentoo.org/security/en/glsa/glsa-200510-10.xml FULLDISC http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0081.html FEDORA http://www.securityfocus.com/archive/1/archive/1/430303/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/430296/100/0/threaded DEBIAN http://www.debian.org/security/2005/dsa-861 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-160.htm http://support.avaya.com/elmodocs2/security/ASA-2006-129.htm http://www.washington.edu/imap/ CERT-VN 933601 BID 15009

Return to the previous page.