Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Gentoo Local Security Checks --> Category: infos

[GLSA-200408-19] courier-imap: Remote Format String Vulnerability Vulnerability Scan

Vulnerability Scan Summary
courier-imap: Remote Format String Vulnerability

Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200408-19
(courier-imap: Remote Format String Vulnerability)

There is a format string vulnerability in the auth_debug() function which
can be exploited remotely, potentially leading to arbitrary code execution
as the user running the IMAP daemon (oftentimes root). A remote attacker
may send username or password information containing printf() format tokens
(such as "%s"), which will crash the server or cause it to
execute arbitrary code.
This vulnerability can only be exploited if DEBUG_LOGIN is set to something
other than 0 in the imapd config file.


If DEBUG_LOGIN is enabled in the imapd configuration, a remote attacker may
execute arbitrary code as the root user.


Set the DEBUG_LOGIN option in /etc/courier-imap/imapd to 0. (This is the
default value.)


All courier-imap users should upgrade to the latest version:
# emerge sync
# emerge -pv ">=net-mail/courier-imap-3.0.5"
# emerge ">=net-mail/courier-imap-3.0.5"

Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.