DSA-1685 uw-imap -- buffer overflows, null pointer dereferenceID: oval:org.mitre.oval:def:8142 | Date: (C)2009-12-15 (M)2024-02-19 |
Class: PATCH | Family: unix |
Two vulnerabilities have been found in uw-imap, an IMAP implementation. The Common Vulnerabilities and Exposures project identifies the following problems: It was discovered that several buffer overflows can be triggered via a long folder extension argument to the tmail or dmail program. This could lead to arbitrary code execution (CVE-2008-5005). It was discovered that a NULL pointer dereference could be triggered by a malicious response to the QUIT command leading to a denial of service (CVE-2008-5006).