CVE-2005-2661 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2005-2661

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Format string vulnerability in the ParseBannerAndCapability function in main.c for up-imapproxy 1.2.3 and 1.2.4 allows remote IMAP servers to execute arbitrary code via format string specifiers in a banner or capability line.

Affected Software

Name	Vendor	Start Version	End Version
Up-imapproxy	Up-imapproxy	1.2.3 (including)	1.2.3 (including)
Up-imapproxy	Up-imapproxy	1.2.4 (including)	1.2.4 (including)

References

http://secunia.com/advisories/17100/
http://secunia.com/advisories/17120
http://secunia.com/advisories/19113
http://securityreason.com/securityalert/547
http://www.debian.org/security/2005/dsa-852
http://www.gentoo.org/security/en/glsa/glsa-200603-04.xml
http://www.securityfocus.com/bid/15048
http://www.vupen.com/english/advisories/2005/2014
http://www.vupen.com/english/advisories/2005/2015