Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2005-2933

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-13 Oct, 2005 | 04:00
Updated At-07 Aug, 2024 | 22:53
Rejected At-
Credits

Buffer overflow in the mail_valid_net_parse_work function in mail.c for Washington's IMAP Server (UW-IMAP) before imap-2004g allows remote attackers to execute arbitrary code via a mailbox name containing a single double-quote (") character without a closing quote, which causes bytes after the double-quote to be copied into a buffer indefinitely.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:13 Oct, 2005 | 04:00
Updated At:07 Aug, 2024 | 22:53
Rejected At:
▼CVE Numbering Authority (CNA)

Buffer overflow in the mail_valid_net_parse_work function in mail.c for Washington's IMAP Server (UW-IMAP) before imap-2004g allows remote attackers to execute arbitrary code via a mailbox name containing a single double-quote (") character without a closing quote, which causes bytes after the double-quote to be copied into a buffer indefinitely.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.mandriva.com/security/advisories?name=MDKSA-2005:194
vendor-advisory
x_refsource_MANDRIVA
http://www.redhat.com/support/errata/RHSA-2005-850.html
vendor-advisory
x_refsource_REDHAT
http://secunia.com/advisories/17950
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/21252
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/17276
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/17148
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/20222
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/20210
third-party-advisory
x_refsource_SECUNIA
http://support.avaya.com/elmodocs2/security/ASA-2006-160.htm
x_refsource_CONFIRM
http://secunia.com/advisories/18554
third-party-advisory
x_refsource_SECUNIA
http://securityreason.com/securityalert/47
third-party-advisory
x_refsource_SREASON
http://secunia.com/advisories/17152
third-party-advisory
x_refsource_SECUNIA
http://rhn.redhat.com/errata/RHSA-2006-0276.html
vendor-advisory
x_refsource_REDHAT
http://www.debian.org/security/2005/dsa-861
vendor-advisory
x_refsource_DEBIAN
http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0081.html
mailing-list
x_refsource_FULLDISC
http://secunia.com/advisories/17062/
third-party-advisory
x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9858
vdb-entry
signature
x_refsource_OVAL
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
vendor-advisory
x_refsource_SGI
http://www.securityfocus.com/bid/15009
vdb-entry
x_refsource_BID
http://www.washington.edu/imap/
x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2006-0501.html
vendor-advisory
x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2005-848.html
vendor-advisory
x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2006-0549.html
vendor-advisory
x_refsource_REDHAT
http://secunia.com/advisories/20951
third-party-advisory
x_refsource_SECUNIA
http://www.idefense.com/application/poi/display?id=313&type=vulnerabilities&flashstatus=true
third-party-advisory
x_refsource_IDEFENSE
https://exchange.xforce.ibmcloud.com/vulnerabilities/22518
vdb-entry
x_refsource_XF
http://support.avaya.com/elmodocs2/security/ASA-2006-129.htm
x_refsource_CONFIRM
http://www.securityfocus.com/archive/1/430296/100/0/threaded
vendor-advisory
x_refsource_FEDORA
http://secunia.com/advisories/19832
third-party-advisory
x_refsource_SECUNIA
ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc
vendor-advisory
x_refsource_SGI
http://secunia.com/advisories/17930
third-party-advisory
x_refsource_SECUNIA
http://securitytracker.com/id?1015000
vdb-entry
x_refsource_SECTRACK
http://www.kb.cert.org/vuls/id/933601
third-party-advisory
x_refsource_CERT-VN
http://www.gentoo.org/security/en/glsa/glsa-200510-10.xml
vendor-advisory
x_refsource_GENTOO
http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.500161
vendor-advisory
x_refsource_SLACKWARE
http://secunia.com/advisories/21564
third-party-advisory
x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/430303/100/0/threaded
vendor-advisory
x_refsource_FEDORA
http://www.mandriva.com/security/advisories?name=MDKSA-2005:189
vendor-advisory
x_refsource_MANDRIVA
http://secunia.com/advisories/17928
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/17336
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/2685
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/17215
third-party-advisory
x_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2005_23_sr.html
vendor-advisory
x_refsource_SUSE
http://secunia.com/advisories/17483
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2005:194
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-850.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://secunia.com/advisories/17950
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/21252
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/17276
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/17148
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/20222
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/20210
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2006-160.htm
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/18554
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://securityreason.com/securityalert/47
Resource:
third-party-advisory
x_refsource_SREASON
Hyperlink: http://secunia.com/advisories/17152
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://rhn.redhat.com/errata/RHSA-2006-0276.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.debian.org/security/2005/dsa-861
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0081.html
Resource:
mailing-list
x_refsource_FULLDISC
Hyperlink: http://secunia.com/advisories/17062/
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9858
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
Resource:
vendor-advisory
x_refsource_SGI
Hyperlink: http://www.securityfocus.com/bid/15009
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.washington.edu/imap/
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0501.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-848.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://rhn.redhat.com/errata/RHSA-2006-0549.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://secunia.com/advisories/20951
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.idefense.com/application/poi/display?id=313&type=vulnerabilities&flashstatus=true
Resource:
third-party-advisory
x_refsource_IDEFENSE
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/22518
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2006-129.htm
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/archive/1/430296/100/0/threaded
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://secunia.com/advisories/19832
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc
Resource:
vendor-advisory
x_refsource_SGI
Hyperlink: http://secunia.com/advisories/17930
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://securitytracker.com/id?1015000
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://www.kb.cert.org/vuls/id/933601
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200510-10.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.500161
Resource:
vendor-advisory
x_refsource_SLACKWARE
Hyperlink: http://secunia.com/advisories/21564
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securityfocus.com/archive/1/430303/100/0/threaded
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2005:189
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://secunia.com/advisories/17928
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/17336
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2006/2685
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/17215
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.novell.com/linux/security/advisories/2005_23_sr.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://secunia.com/advisories/17483
Resource:
third-party-advisory
x_refsource_SECUNIA
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.mandriva.com/security/advisories?name=MDKSA-2005:194
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://www.redhat.com/support/errata/RHSA-2005-850.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://secunia.com/advisories/17950
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/21252
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/17276
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/17148
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/20222
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/20210
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://support.avaya.com/elmodocs2/security/ASA-2006-160.htm
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/18554
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://securityreason.com/securityalert/47
third-party-advisory
x_refsource_SREASON
x_transferred
http://secunia.com/advisories/17152
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://rhn.redhat.com/errata/RHSA-2006-0276.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.debian.org/security/2005/dsa-861
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0081.html
mailing-list
x_refsource_FULLDISC
x_transferred
http://secunia.com/advisories/17062/
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9858
vdb-entry
signature
x_refsource_OVAL
x_transferred
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
vendor-advisory
x_refsource_SGI
x_transferred
http://www.securityfocus.com/bid/15009
vdb-entry
x_refsource_BID
x_transferred
http://www.washington.edu/imap/
x_refsource_CONFIRM
x_transferred
http://www.redhat.com/support/errata/RHSA-2006-0501.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.redhat.com/support/errata/RHSA-2005-848.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://rhn.redhat.com/errata/RHSA-2006-0549.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://secunia.com/advisories/20951
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.idefense.com/application/poi/display?id=313&type=vulnerabilities&flashstatus=true
third-party-advisory
x_refsource_IDEFENSE
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/22518
vdb-entry
x_refsource_XF
x_transferred
http://support.avaya.com/elmodocs2/security/ASA-2006-129.htm
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/archive/1/430296/100/0/threaded
vendor-advisory
x_refsource_FEDORA
x_transferred
http://secunia.com/advisories/19832
third-party-advisory
x_refsource_SECUNIA
x_transferred
ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc
vendor-advisory
x_refsource_SGI
x_transferred
http://secunia.com/advisories/17930
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://securitytracker.com/id?1015000
vdb-entry
x_refsource_SECTRACK
x_transferred
http://www.kb.cert.org/vuls/id/933601
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://www.gentoo.org/security/en/glsa/glsa-200510-10.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.500161
vendor-advisory
x_refsource_SLACKWARE
x_transferred
http://secunia.com/advisories/21564
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securityfocus.com/archive/1/430303/100/0/threaded
vendor-advisory
x_refsource_FEDORA
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2005:189
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://secunia.com/advisories/17928
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/17336
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2006/2685
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/17215
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.novell.com/linux/security/advisories/2005_23_sr.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://secunia.com/advisories/17483
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2005:194
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-850.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://secunia.com/advisories/17950
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/21252
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/17276
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/17148
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/20222
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/20210
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2006-160.htm
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/18554
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://securityreason.com/securityalert/47
Resource:
third-party-advisory
x_refsource_SREASON
x_transferred
Hyperlink: http://secunia.com/advisories/17152
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2006-0276.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.debian.org/security/2005/dsa-861
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0081.html
Resource:
mailing-list
x_refsource_FULLDISC
x_transferred
Hyperlink: http://secunia.com/advisories/17062/
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9858
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
Resource:
vendor-advisory
x_refsource_SGI
x_transferred
Hyperlink: http://www.securityfocus.com/bid/15009
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.washington.edu/imap/
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0501.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-848.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2006-0549.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://secunia.com/advisories/20951
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.idefense.com/application/poi/display?id=313&type=vulnerabilities&flashstatus=true
Resource:
third-party-advisory
x_refsource_IDEFENSE
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/22518
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2006-129.htm
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/430296/100/0/threaded
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://secunia.com/advisories/19832
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc
Resource:
vendor-advisory
x_refsource_SGI
x_transferred
Hyperlink: http://secunia.com/advisories/17930
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://securitytracker.com/id?1015000
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/933601
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200510-10.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.500161
Resource:
vendor-advisory
x_refsource_SLACKWARE
x_transferred
Hyperlink: http://secunia.com/advisories/21564
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/430303/100/0/threaded
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2005:189
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://secunia.com/advisories/17928
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/17336
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/2685
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/17215
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2005_23_sr.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://secunia.com/advisories/17483
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:13 Oct, 2005 | 22:02
Updated At:03 Apr, 2025 | 01:03

Buffer overflow in the mail_valid_net_parse_work function in mail.c for Washington's IMAP Server (UW-IMAP) before imap-2004g allows remote attackers to execute arbitrary code via a mailbox name containing a single double-quote (") character without a closing quote, which causes bytes after the double-quote to be copied into a buffer indefinitely.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
university_of_washington
university_of_washington
>>uw-imap>>Versions up to 2004f(inclusive)
cpe:2.3:a:university_of_washington:uw-imap:*:*:*:*:*:*:*:*
university_of_washington
university_of_washington
>>uw-imap>>2004
cpe:2.3:a:university_of_washington:uw-imap:2004:*:*:*:*:*:*:*
university_of_washington
university_of_washington
>>uw-imap>>2004a
cpe:2.3:a:university_of_washington:uw-imap:2004a:*:*:*:*:*:*:*
university_of_washington
university_of_washington
>>uw-imap>>2004b
cpe:2.3:a:university_of_washington:uw-imap:2004b:*:*:*:*:*:*:*
university_of_washington
university_of_washington
>>uw-imap>>2004c
cpe:2.3:a:university_of_washington:uw-imap:2004c:*:*:*:*:*:*:*
university_of_washington
university_of_washington
>>uw-imap>>2004d
cpe:2.3:a:university_of_washington:uw-imap:2004d:*:*:*:*:*:*:*
university_of_washington
university_of_washington
>>uw-imap>>2004e
cpe:2.3:a:university_of_washington:uw-imap:2004e:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-Ucve@mitre.org
N/A
ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asccve@mitre.org
N/A
http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0081.htmlcve@mitre.org
Patch
http://rhn.redhat.com/errata/RHSA-2006-0276.htmlcve@mitre.org
N/A
http://rhn.redhat.com/errata/RHSA-2006-0549.htmlcve@mitre.org
N/A
http://secunia.com/advisories/17062/cve@mitre.org
Patch
Vendor Advisory
http://secunia.com/advisories/17148cve@mitre.org
N/A
http://secunia.com/advisories/17152cve@mitre.org
N/A
http://secunia.com/advisories/17215cve@mitre.org
N/A
http://secunia.com/advisories/17276cve@mitre.org
N/A
http://secunia.com/advisories/17336cve@mitre.org
N/A
http://secunia.com/advisories/17483cve@mitre.org
N/A
http://secunia.com/advisories/17928cve@mitre.org
N/A
http://secunia.com/advisories/17930cve@mitre.org
N/A
http://secunia.com/advisories/17950cve@mitre.org
N/A
http://secunia.com/advisories/18554cve@mitre.org
N/A
http://secunia.com/advisories/19832cve@mitre.org
N/A
http://secunia.com/advisories/20210cve@mitre.org
N/A
http://secunia.com/advisories/20222cve@mitre.org
N/A
http://secunia.com/advisories/20951cve@mitre.org
N/A
http://secunia.com/advisories/21252cve@mitre.org
N/A
http://secunia.com/advisories/21564cve@mitre.org
N/A
http://securityreason.com/securityalert/47cve@mitre.org
N/A
http://securitytracker.com/id?1015000cve@mitre.org
N/A
http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.500161cve@mitre.org
N/A
http://support.avaya.com/elmodocs2/security/ASA-2006-129.htmcve@mitre.org
N/A
http://support.avaya.com/elmodocs2/security/ASA-2006-160.htmcve@mitre.org
N/A
http://www.debian.org/security/2005/dsa-861cve@mitre.org
N/A
http://www.gentoo.org/security/en/glsa/glsa-200510-10.xmlcve@mitre.org
N/A
http://www.idefense.com/application/poi/display?id=313&type=vulnerabilities&flashstatus=truecve@mitre.org
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/933601cve@mitre.org
US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2005:189cve@mitre.org
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2005:194cve@mitre.org
N/A
http://www.novell.com/linux/security/advisories/2005_23_sr.htmlcve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2005-848.htmlcve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2005-850.htmlcve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2006-0501.htmlcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/430296/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/430303/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/bid/15009cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2006/2685cve@mitre.org
N/A
http://www.washington.edu/imap/cve@mitre.org
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/22518cve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9858cve@mitre.org
N/A
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-Uaf854a3a-2127-422b-91ae-364da2661108
N/A
ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.ascaf854a3a-2127-422b-91ae-364da2661108
N/A
http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0081.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
http://rhn.redhat.com/errata/RHSA-2006-0276.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2006-0549.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17062/af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/17148af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17152af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17215af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17276af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17336af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17483af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17928af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17930af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17950af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/18554af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/19832af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/20210af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/20222af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/20951af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/21252af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/21564af854a3a-2127-422b-91ae-364da2661108
N/A
http://securityreason.com/securityalert/47af854a3a-2127-422b-91ae-364da2661108
N/A
http://securitytracker.com/id?1015000af854a3a-2127-422b-91ae-364da2661108
N/A
http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.500161af854a3a-2127-422b-91ae-364da2661108
N/A
http://support.avaya.com/elmodocs2/security/ASA-2006-129.htmaf854a3a-2127-422b-91ae-364da2661108
N/A
http://support.avaya.com/elmodocs2/security/ASA-2006-160.htmaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2005/dsa-861af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.gentoo.org/security/en/glsa/glsa-200510-10.xmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.idefense.com/application/poi/display?id=313&type=vulnerabilities&flashstatus=trueaf854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/933601af854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2005:189af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2005:194af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.novell.com/linux/security/advisories/2005_23_sr.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2005-848.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2005-850.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2006-0501.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/430296/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/430303/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/15009af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2006/2685af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.washington.edu/imap/af854a3a-2127-422b-91ae-364da2661108
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/22518af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9858af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
Source: cve@mitre.org
Resource: N/A
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0081.html
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://rhn.redhat.com/errata/RHSA-2006-0276.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2006-0549.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/17062/
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/17148
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/17152
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/17215
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/17276
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/17336
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/17483
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/17928
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/17930
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/17950
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/18554
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/19832
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/20210
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/20222
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/20951
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/21252
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/21564
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://securityreason.com/securityalert/47
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://securitytracker.com/id?1015000
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.500161
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2006-129.htm
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2006-160.htm
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.debian.org/security/2005/dsa-861
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200510-10.xml
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.idefense.com/application/poi/display?id=313&type=vulnerabilities&flashstatus=true
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.kb.cert.org/vuls/id/933601
Source: cve@mitre.org
Resource:
US Government Resource
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2005:189
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2005:194
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2005_23_sr.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-848.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-850.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0501.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/430296/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/430303/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/15009
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/2685
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.washington.edu/imap/
Source: cve@mitre.org
Resource:
Patch
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/22518
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9858
Source: cve@mitre.org
Resource: N/A
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0081.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://rhn.redhat.com/errata/RHSA-2006-0276.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2006-0549.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17062/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/17148
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17152
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17215
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17276
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17336
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17483
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17928
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17930
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17950
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/18554
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/19832
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/20210
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/20222
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/20951
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/21252
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/21564
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://securityreason.com/securityalert/47
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://securitytracker.com/id?1015000
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.500161
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2006-129.htm
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2006-160.htm
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2005/dsa-861
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200510-10.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.idefense.com/application/poi/display?id=313&type=vulnerabilities&flashstatus=true
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.kb.cert.org/vuls/id/933601
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
US Government Resource
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2005:189
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2005:194
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2005_23_sr.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-848.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-850.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0501.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/430296/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/430303/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/15009
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/2685
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.washington.edu/imap/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/22518
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9858
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

10Records found
CVE-2000-0284
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-79.86% / 99.06%
||
7 Day CHG~0.00%
Published-26 Apr, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands.

Action-Not Available
Vendor-university_of_washingtonn/a
Product-imapn/a
CVE-2005-0198
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-30.25% / 96.52%
||
7 Day CHG~0.00%
Published-06 Feb, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A logic error in the CRAM-MD5 code for the University of Washington IMAP (UW-IMAP) server, when Challenge-Response Authentication Mechanism with MD5 (CRAM-MD5) is enabled, does not properly enforce all the required conditions for successful authentication, which allows remote attackers to authenticate as arbitrary users.

Action-Not Available
Vendor-university_of_washingtonn/a
Product-uw-imapn/a
CVE-2003-0297
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.91% / 74.88%
||
7 Day CHG~0.00%
Published-15 May, 2003 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

c-client IMAP Client, as used in imap-2002b and Pine 4.53, allows remote malicious IMAP servers to cause a denial of service (crash) and possibly execute arbitrary code via certain large (1) literal and (2) mailbox size values that cause either integer signedness errors or integer overflow errors.

Action-Not Available
Vendor-university_of_washingtonn/a
Product-c-clientpineimap-2002bn/a
CVE-2002-0379
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-29.90% / 96.48%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in University of Washington imap server (uw-imapd) imap-2001 (imapd 2001.315) and imap-2001a (imapd 2001.315) with legacy RFC 1730 support, and imapd 2000.287 and earlier, allows remote authenticated users to execute arbitrary code via a long BODY request.

Action-Not Available
Vendor-university_of_washingtonn/a
Product-uw-imapn/a
CVE-2002-0014
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.25% / 78.47%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

URL-handling code in Pine 4.43 and earlier allows remote attackers to execute arbitrary commands via a URL enclosed in single quotes and containing shell metacharacters (&).

Action-Not Available
Vendor-university_of_washingtonn/a
Product-pinen/a
CVE-2000-0847
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.43% / 79.88%
||
7 Day CHG~0.00%
Published-22 Jan, 2001 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in University of Washington c-client library (used by pine and other programs) allows remote attackers to execute arbitrary commands via a long X-Keywords header.

Action-Not Available
Vendor-university_of_washingtonn/a
Product-pineimapn/a
CVE-1999-0997
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.82% / 87.67%
||
7 Day CHG~0.00%
Published-25 Apr, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.

Action-Not Available
Vendor-millenux_gmbhuniversity_of_washingtonn/aRed Hat, Inc.
Product-linuxanonftpwu-ftpdn/a
CVE-1999-0202
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.74% / 71.91%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The GNU tar command, when used in FTP sessions, may allow an attacker to execute arbitrary commands.

Action-Not Available
Vendor-university_of_washingtonn/a
Product-wu-ftpdn/a
CVE-2003-0720
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-19.29% / 95.14%
||
7 Day CHG~0.00%
Published-12 Sep, 2003 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME type.

Action-Not Available
Vendor-university_of_washingtonn/a
Product-pinen/a
CVE-2000-0909
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-11.04% / 93.16%
||
7 Day CHG~0.00%
Published-22 Jan, 2001 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the automatic mail checking component of Pine 4.21 and earlier allows remote attackers to execute arbitrary commands via a long From: header.

Action-Not Available
Vendor-university_of_washingtonn/a
Product-pinen/a
Details not found