Vulnerability Name: CVE-2008-5005 (CCN-46281) Assigned: 2008-10-31 Published: 2008-10-31 Updated: 2018-10-11 Summary: Multiple stack-based buffer overflows in (1) University of Washington IMAP Toolkit 2002 through 2007c, (2) University of Washington Alpine 2.00 and earlier, and (3) Panda IMAP allow (a) local users to gain privileges by specifying a long folder extension argument on the command line to the tmail or dmail program; and (b) remote attackers to execute arbitrary code by sending e-mail to a destination mailbox name composed of a username and '+' character followed by a long string, processed by the tmail or possibly dmail program. CVSS v3 Severity: 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): LowIntegrity (I): LowAvailibility (A): Low
CVSS v2 Severity: 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C 7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P 5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): PartialAvailibility (A): Partial
Vulnerability Type: CWE-119 Vulnerability Consequences: Gain Privileges References: Source: CCNIndex of ftp://ftp.cac.washington.edu/imap/ CVE-2008-5005 Security bug in tmail and dmail [imap-uw] 20081031 Security bug in tmail and dmail Security bug in tmail and dmail [imap-uw] 20081031 Security bug in tmail and dmail 20081103 Bitsec Security Advisory: UW/Panda IMAP [dt]mail buffer overflow http://panda.com/imap/ Moderate: imap security update RHSA-2009:0275 UW-imapd "tmail" and "dmail" Buffer Overflow Vulnerabilities 32483 32512 33142 33996 4570 UW-IMAP tmail/dmail Folder Name Buffer Overflow Lets Local Users Gain Elevated Privileges 1021131 http://support.avaya.com/elmodocs2/security/ASA-2009-065.htm imap security update (RHSA-2009-0275) http://www.bitsec.com/en/rad/bsa-081103.c http://www.bitsec.com/en/rad/bsa-081103.txt DSA-1685 uw-imap -- buffer overflows MDVSA-2009:146 [oss-security] 20081103 CVE request - uw-imap [oss-security] 20081103 Re: CVE request - uw-imap [oss-security] 20081103 Re: CVE request - uw-imap 20081103 Bitsec Security Advisory: UW/Panda IMAP [dt]mail buffer overflow 32072 University of Washington IMAP 'tmail' and 'dmail' Local Buffer Overflow Vulnerabilities Multiple stack-based buffer overflows ADV-2008-3042 http://www.washington.edu/alpine/tmailbug.html https://bugzilla.redhat.com/show_bug.cgi?id=469667 uwimapd-multiple-bo(46281) uwimapd-tmail-bo(46281) oval:org.mitre.oval:def:10485 FEDORA-2008-9383 FEDORA-2008-9396 Vulnerable Configuration: Configuration 1 :cpe:/a:university_of_washington:alpine:0.80:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:alpine:0.81:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:alpine:0.82:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:alpine:0.83:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:alpine:0.98:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:alpine:0.99:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:alpine:0.999:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:alpine:0.9999:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:alpine:0.99999:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:alpine:0.999999:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:alpine:1.00:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:alpine:1.10:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:alpine:2.00:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:imap_toolkit:2002:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:imap_toolkit:2003:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:imap_toolkit:2004:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:imap_toolkit:2005:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:imap_toolkit:2006:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:imap_toolkit:2007:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:imap_toolkit:2007c:*:*:*:*:*:*:* Configuration RedHat 1 :cpe:/o:redhat:enterprise_linux:3:*:*:*:*:*:*:* Configuration RedHat 2 :cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:* Configuration RedHat 3 :cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:* Configuration RedHat 4 :cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:* Configuration RedHat 5 :cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:* Configuration CCN 1 :cpe:/a:university_of_washington:imap_toolkit:2002:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:imap_toolkit:2003:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:imap_toolkit:2004:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:imap_toolkit:2005:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:imap_toolkit:2006:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:imap_toolkit:2007:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:imap_toolkit:2007c:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:alpine:2.00:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:alpine:1.10:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:alpine:1.00:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:alpine:0.999999:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:alpine:0.99999:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:alpine:0.9999:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:alpine:0.999:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:alpine:0.99:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:alpine:0.98:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:alpine:0.83:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:alpine:0.82:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:alpine:0.81:*:*:*:*:*:*:* OR cpe:/a:university_of_washington:alpine:0.80:*:*:*:*:*:*:* AND cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:* OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:x86_64:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:*:*:*:*:*:*:* OR cpe:/o:mandriva:linux:2009.0:*:*:*:*:*:*:* OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:* Oval Definitions Definition ID Class Title Last Modified oval:org.mitre.oval:def:19876 P DSA-1685-1 uw-imap - multiple vulnerabilities 2014-06-23 oval:org.mitre.oval:def:8142 P DSA-1685 uw-imap -- buffer overflows, null pointer dereference 2014-06-23 oval:org.mitre.oval:def:10485 V Multiple stack-based buffer overflows in (1) University of Washington IMAP Toolkit 2002 through 2007c, (2) University of Washington Alpine 2.00 and earlier, and (3) Panda IMAP allow (a) local users to gain privileges by specifying a long folder extension argument on the command line to the tmail or dmail program; and (b) remote attackers to execute arbitrary code by sending e-mail to a destination mailbox name composed of a username and '+' character followed by a long string, processed by the tmail or possibly dmail program. 2013-04-29 oval:com.redhat.rhsa:def:20090275 P RHSA-2009:0275: imap security update (Moderate) 2009-02-19 oval:org.debian:def:1685 V buffer overflows, null pointer dereference 2008-12-12
BACK
university_of_washington alpine 0.80
university_of_washington alpine 0.81
university_of_washington alpine 0.82
university_of_washington alpine 0.83
university_of_washington alpine 0.98
university_of_washington alpine 0.99
university_of_washington alpine 0.999
university_of_washington alpine 0.9999
university_of_washington alpine 0.99999
university_of_washington alpine 0.999999
university_of_washington alpine 1.00
university_of_washington alpine 1.10
university_of_washington alpine 2.00
university_of_washington imap toolkit 2002
university_of_washington imap toolkit 2003
university_of_washington imap toolkit 2004
university_of_washington imap toolkit 2005
university_of_washington imap toolkit 2006
university_of_washington imap toolkit 2007
university_of_washington imap toolkit 2007c
university_of_washington imap toolkit 2002
university_of_washington imap toolkit 2003
university_of_washington imap toolkit 2004
university_of_washington imap toolkit 2005
university_of_washington imap toolkit 2006
university_of_washington imap toolkit 2007
university_of_washington imap toolkit 2007c
university_of_washington alpine 2.00
university_of_washington alpine 1.10
university_of_washington alpine 1.00
university_of_washington alpine 0.999999
university_of_washington alpine 0.99999
university_of_washington alpine 0.9999
university_of_washington alpine 0.999
university_of_washington alpine 0.99
university_of_washington alpine 0.98
university_of_washington alpine 0.83
university_of_washington alpine 0.82
university_of_washington alpine 0.81
university_of_washington alpine 0.80
redhat enterprise linux 3
redhat enterprise linux 3
redhat enterprise linux 3
redhat enterprise linux 3
mandrakesoft mandrake linux corporate server 3.0
mandrakesoft mandrake linux corporate server 4.0
mandrakesoft mandrake linux corporate server 4.0
mandrakesoft mandrake linux corporate server 3.0
mandrakesoft mandrake linux 2008.0
debian debian linux 4.0
mandrakesoft mandrake linux 2008.0
mandrakesoft mandrake linux 2008.1 x86_64
mandrakesoft mandrake linux 2008.1
mandriva linux 2009.0
mandriva linux 2009.0 -
Denotes that component is vulnerable