(0day) SCO Openserver IMAP Daemon Long Verb Parsing Remote Code Execution Vulnerability

ID ZDI-11-058
Type zdi
Reporter Anonymous
Modified 2011-11-09T00:00:00


This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the SCO OpenServer IMAP daemon. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the imapd process responsible for handling remote IMAP requests. The process does not properly validate IMAP commands and arguments. Supplying an overly long command followed by an invalid argument can cause an exploitable overflow to occur. This vulnerability can be leveraged to execute arbitrary code.