Eudora WorldMail IMAP LIST command buffer overflow

Added: 12/30/2005
CVE: CVE-2005-4267
BID: 15980
OSVDB: 22097

Background

Eudora WorldMail is an e-mail server for Windows.

Problem

A long IMAP command ending with a close brace character could result in a buffer overflow, leading to remote command execution.

Resolution

Upgrade to a version of Eudora WorldMail higher than 3.1.22.

References

http://archives.neohapsis.com/archives/fulldisclosure/2005-12/1014.html

Platforms

Windows

Back to exploit index