Lucene search
RootSSV:4585HistoryDec 23, 2008 - 12:00 a.m.
UW-IMAP c-client库单字节溢出漏洞
2008-12-2300:00:00
Root
www.seebug.org
20
0.002 Low
EPSS
Percentile
62.7%
BUGTRAQ ID: 32958
CVE(CAN) ID: CVE-2008-5514
UW-IMAP是Linux和UNIX系统的免费IMAP服务,捆绑于各种Linux版本中。
UW-IMAP的c-client库中的rfc822_output_char()函数没有检查缓冲区是否已经充满,因此可能多写入一个字节,之后由于大小为-1的memcpy操作会在rfc822_output_data()中触发分段错误,导致服务程序崩溃。
University of Washington imap < 2007e
厂商补丁:
University of Washington
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
<a href=“ftp://ftp.cac.washington.edu/imap/imap-2007e.tar.gz” target=“_blank”>ftp://ftp.cac.washington.edu/imap/imap-2007e.tar.gz</a>
Related
openvas
openvas
FreeBSD Ports: imap-uw
2009-01-13 00:00:00
Fedora Core 9 FEDORA-2009-0371 (uw-imap)
2009-01-26 00:00:00
FreeBSD Ports: imap-uw
2009-01-13 00:00:00
nessus
nessus
FreeBSD : imap-uw -- local buffer overflow vulnerabilities (a6713190-dfea-11dd-a765-0030843d3802)
2009-01-12 00:00:00
FreeBSD : imap-uw -- imap c-client buffer overflow (69a20ce4-dfee-11dd-a765-0030843d3802)
2009-01-12 00:00:00
Fedora 9 : uw-imap-2007e-1.fc9 (2009-0371)
2009-01-22 00:00:00
prion
prion
Buffer overflow
2008-12-23 18:30:00
fedora
fedora
[SECURITY] Fedora 10 Update: uw-imap-2007e-1.fc10
2009-01-21 21:37:01
[SECURITY] Fedora 9 Update: uw-imap-2007e-1.fc9
2009-01-21 21:39:10
ubuntucve
ubuntucve
CVE-2008-5514
2008-12-23 00:00:00
cve
cve
CVE-2008-5514
2008-12-23 18:30:00
debiancve
debiancve
CVE-2008-5514
2008-12-23 18:30:00
freebsd
freebsd
imap-uw -- imap c-client buffer overflow
2008-12-16 00:00:00
imap-uw -- local buffer overflow vulnerabilities
2008-10-29 00:00:00
debian
debian
[Backports-security-announce] Security Update for uw-imap
2009-01-16 07:50:14
[Backports-security-announce] Security Update for uw-imap
2009-01-16 07:50:23
gentoo
gentoo
UW IMAP toolkit: Multiple vulnerabilities
2009-11-25 00:00:00
PHP: Multiple vulnerabilities
2010-01-05 00:00:00