perdition -- str_vwrite format string vulnerability

2007-10-31T00:00:00
ID 617A4021-8BF0-11DC-BFFA-0016179B2DD5
Type freebsd
Reporter FreeBSD
Modified 2007-10-31T00:00:00

Description

SEC-Consult reports:

Perdition IMAP is affected by a format string bug in one of its IMAP output-string formatting functions. The bug allows the execution of arbitrary code on the affected server. A successful exploit does not require prior authentication.