Oval Definition:oval:org.mitre.oval:def:8142
Revision Date:2014-06-23Version:18
Title:DSA-1685 uw-imap -- buffer overflows, null pointer dereference
Description:Two vulnerabilities have been found in uw-imap, an IMAP implementation. The Common Vulnerabilities and Exposures project identifies the following problems: It was discovered that several buffer overflows can be triggered via a long folder extension argument to the tmail or dmail program. This could lead to arbitrary code execution (CVE-2008-5005). It was discovered that a NULL pointer dereference could be triggered by a malicious response to the QUIT command leading to a denial of service (CVE-2008-5006).
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2008-5005
CVE-2008-5006
DSA-1685
Platform(s):Debian GNU/Linux 4.0
Product(s):uw-imap
Definition Synopsis
  • Debian GNU/Linux 4.0 is installed.
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • ipopd-ssl is earlier than 2002edebian1-13.1+etch1
  • OR uw-imapd-ssl is earlier than 2002edebian1-13.1+etch1
  • OR libc-client2002edebian is earlier than 2002edebian1-13.1+etch1
  • OR libc-client-dev is earlier than 2002edebian1-13.1+etch1
  • OR uw-mailutils is earlier than 2002edebian1-13.1+etch1
  • OR ipopd is earlier than 2002edebian1-13.1+etch1
  • OR uw-imapd is earlier than 2002edebian1-13.1+etch1
  • OR mlock is earlier than 2002edebian1-13.1+etch1
    • BACK