Multiple vulnerabilities were found in the UW IMAP toolkit:
- Aron Andersson and Jan Sahlin of Bitsec reported boundary errors in the "tmail" and "dmail" utilities when processing overly long mailbox names, leading to stack-based buffer overflows (CVE-2008-5005).
- An error in smtp.c in the c-client library was found, leading to a NULL pointer dereference vulnerability (CVE-2008-5006).
- Ludwig Nussel reported an off-by-one error in the rfc822_output_char() function in the RFC822BUFFER routines in the c-client library, as used by the UW IMAP toolkit (CVE-2008-5514)...
Set as favorite
Share This
Email this
Comments (0)
Subscribe to this comment's feed
Show/hide commentsWrite comment
Show/hide comment formYou must be logged in to post a comment. Please register if you do not have an account yet.
