Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200510-10] uw-imap: Remote buffer overflow Vulnerability Scan
Vulnerability Scan Summary
uw-imap: Remote buffer overflow
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200510-10
(uw-imap: Remote buffer overflow)
Improper bounds checking of user supplied data while parsing IMAP
mailbox names can lead to overflowing the stack buffer.
Successful exploitation requires an authenticated IMAP user to
request a malformed mailbox name. This can lead to execution of
arbitrary code with the permissions of the IMAP server.
There are no known workarounds at this time.
All uw-imap users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-mail/uw-imap-2004g"
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.