CVE-2002-0379

University OF Washington Uw-imap - Buffer Overflow

Title source: rule

Description

Buffer overflow in University of Washington imap server (uw-imapd) imap-2001 (imapd 2001.315) and imap-2001a (imapd 2001.315) with legacy RFC 1730 support, and imapd 2000.287 and earlier, allows remote authenticated users to execute arbitrary code via a long BODY request.

Exploits (2)

exploitdb WORKING POC VERIFIED

by 0x3a0x29 crew · cremotelinux

https://www.exploit-db.com/exploits/21443

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by korty · cremotelinux

https://www.exploit-db.com/exploits/21442

View Code ZIP pw:eip

References (12)

[Various Sources] http://www.linuxsecurity.com/advisories/other_advisory-2120.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/4713

[Mailing List] http://marc.info/?l=bugtraq&m=102107222100529&w=2

[Various Sources] http://www.washington.edu/imap/buffer.html

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2002-092.html

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/10803

[Various Sources] http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000487

[Third Party Advisory, VDB Entry] http://online.securityfocus.com/advisories/4167

[Various Sources] ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-021.0.txt

[Third Party Advisory] http://www.iss.net/security_center/static/9055.php

[Various Sources] http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-034.php

[US Government Resource] http://www.kb.cert.org/vuls/id/961489

Scores

EPSS 0.3463

EPSS Percentile 97.0%

Details

Status published

Products (4)

university_of_washington/uw-imap 2000.283

university_of_washington/uw-imap 2000.284

university_of_washington/uw-imap 2000.287

university_of_washington/uw-imap 2000.315

Published Jun 25, 2002

Tracked Since Feb 18, 2026