Eudora WorldMail IMAP Server Buffer Overflow Vulnerability Network Vulnerability

Summary

This host is running WorldMail IMAP Server and prone to buffer overflow vulnerability.

Impact

Successful exploitation may allow remote attackers to execute arbitrary code within the context of the application or cause a denial of service condition. Impact Level: System/Application

Solution

Upgrade to Eudora WorldMail Server version 4.0 or later. For updates refer to http://www.eudora.com/worldmail/

Insight

The flaw is due to a boundary error when processing user supplied IMAP commands. This can be exploited to cause a stack-based overflow via a long string containing a '}' character.

Affected

Eudora WorldMail Server 3.0

References

http://osvdb.org/22097
http://secunia.com/advisories/17640
http://securitytracker.com/id/1015391
http://www.exploit-db.com/exploits/18354
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=359

Updated on 2015-03-25

Severity

Classification

CVE CVE-2005-4267

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

BaoFeng Storm '.smpl' File Buffer Overflow Vulnerability
BigAnt IM Server HTTP GET Request Buffer Overflow Vulnerability
Cyrus IMAP Server 'split_wildmats()' Remote Buffer Overflow Vulnerability
Avaya WinPDM Multiple Buffer Overflow Vulnerabilities
Adobe Reader 'File Extension' Buffer Overflow Vulnerability (Mac OS X)

Take action and discover your vulnerabilities