CVE-2005-2661 Information

Description

Format string vulnerability in the ParseBannerAndCapability function in main.c for up-imapproxy 1.2.3 and 1.2.4 allows remote IMAP servers to execute arbitrary code via format string specifiers in a banner or capability line.

Reference

http://secunia.com/advisories/17100/ http://secunia.com/advisories/17120 http://secunia.com/advisories/19113 http://securityreason.com/securityalert/547 http://www.debian.org/security/2005/dsa-852 http://www.gentoo.org/security/en/glsa/glsa-200603-04.xml http://www.securityfocus.com/bid/15048 http://www.vupen.com/english/advisories/2005/2014 http://www.vupen.com/english/advisories/2005/2015