CVE-2008-5005


Multiple stack-based buffer overflows in (1) University of Washington IMAP Toolkit 2002 through 2007c, (2) University of Washington Alpine 2.00 and earlier, and (3) Panda IMAP allow (a) local users to gain privileges by specifying a long folder extension argument on the command line to the tmail or dmail program; and (b) remote attackers to execute arbitrary code by sending e-mail to a destination mailbox name composed of a username and '+' character followed by a long string, processed by the tmail or possibly dmail program.


Published

2008-11-10T14:12:56.140

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 10.0 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: COMPLETE
  • Integrity Impact: COMPLETE
  • Availability Impact: COMPLETE

Exploitability Score

10.0

Impact Score

10.0

Weaknesses
  • Type: Primary
    CWE-119

Affected Vendors & Products
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | university_of_washington | alpine | 0.80 | Yes |
| Application | university_of_washington | alpine | 0.81 | Yes |
| Application | university_of_washington | alpine | 0.82 | Yes |
| Application | university_of_washington | alpine | 0.83 | Yes |
| Application | university_of_washington | alpine | 0.98 | Yes |
| Application | university_of_washington | alpine | 0.99 | Yes |
| Application | university_of_washington | alpine | 0.999 | Yes |
| Application | university_of_washington | alpine | 0.9999 | Yes |
| Application | university_of_washington | alpine | 0.99999 | Yes |
| Application | university_of_washington | alpine | 0.999999 | Yes |
| Application | university_of_washington | alpine | 1.00 | Yes |
| Application | university_of_washington | alpine | 1.10 | Yes |
| Application | university_of_washington | alpine | 2.00 | Yes |
| Application | university_of_washington | imap_toolkit | 2002 | Yes |
| Application | university_of_washington | imap_toolkit | 2003 | Yes |
| Application | university_of_washington | imap_toolkit | 2004 | Yes |
| Application | university_of_washington | imap_toolkit | 2005 | Yes |
| Application | university_of_washington | imap_toolkit | 2006 | Yes |
| Application | university_of_washington | imap_toolkit | 2007 | Yes |
| Application | university_of_washington | imap_toolkit | 2007c | Yes |
