Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5514

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-5514
Last Modified 07 Mar 2011 10:14:41
Published 23 Dec 2008 01:30:03
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-5514

Summary

Off-by-one error in the rfc822_output_char function in the RFC822BUFFER routines in the University of Washington (UW) c-client library, as used by the UW IMAP toolkit before imap-2007e and other applications, allows context-dependent attackers to cause a denial of service (crash) via an e-mail message that triggers a buffer overflow.

Vulnerable Systems

Application

  • University Of Washington Imap 2000

  • University Of Washington Imap 2000a

  • University Of Washington Imap 2000b

  • University Of Washington Imap 2000c

  • University Of Washington Imap 2001

  • University Of Washington Imap 2001a

  • University Of Washington Imap 2002

  • University Of Washington Imap 2002a

  • University Of Washington Imap 2002b

  • University Of Washington Imap 2002c

  • University Of Washington Imap 2002d

  • University Of Washington Imap 2002e

  • University Of Washington Imap 2002f

  • University Of Washington Imap 2004

  • University Of Washington Imap 2004a

  • University Of Washington Imap 2004b

  • University Of Washington Imap 2004c

  • University Of Washington Imap 2004d

  • University Of Washington Imap 2004e

  • University Of Washington Imap 2004f

  • University Of Washington Imap 2004g

  • University Of Washington Imap 2006

  • University Of Washington Imap 2006a

  • University Of Washington Imap 2006b

  • University Of Washington Imap 2006c

  • University Of Washington Imap 2006d

  • University Of Washington Imap 2006e

  • University Of Washington Imap 2006f

  • University Of Washington Imap 2006g

  • University Of Washington Imap 2006h

  • University Of Washington Imap 2006i

  • University Of Washington Imap 2006j

  • University Of Washington Imap 2006k

  • University Of Washington Imap 2007

  • University Of Washington Imap 2007a

  • University Of Washington Imap 2007b

  • University Of Washington Imap 2007d


References

FEDORA - FEDORA-2009-0371

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=477227

XF - uwimapd-rfc822outputchar-dos(47526)

CONFIRM - http://www.washington.edu/imap/documentation/RELNOTES.html

VUPEN - ADV-2008-3490

BID - 32958

MANDRIVA - MDVSA-2009:146

SECTRACK - 1021485

SECUNIA - 33638

SECUNIA - 33275


Last Updated: 27 May 2016 10:48:49