CVE-2005-2661

up-imapproxy 1.2.3-1.2.4 - Remote Code Execution via Format String in Banner or Capability Line

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-2661. PoCs published by Steve Kemp.

AI-analyzed exploit summary This exploit demonstrates a format string vulnerability in up-IMAPProxy <= 1.2.4 by sending a maliciously crafted banner to trigger arbitrary code execution or crashes. It binds to port 143 (IMAP) and waits for connections to send the exploit payload.

Description

Format string vulnerability in the ParseBannerAndCapability function in main.c for up-imapproxy 1.2.3 and 1.2.4 allows remote IMAP servers to execute arbitrary code via format string specifiers in a banner or capability line.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Steve Kemp · cdoslinux

https://www.exploit-db.com/exploits/26340

View Code ZIP pw:eip

This exploit demonstrates a format string vulnerability in up-IMAPProxy <= 1.2.4 by sending a maliciously crafted banner to trigger arbitrary code execution or crashes. It binds to port 143 (IMAP) and waits for connections to send the exploit payload.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Theoretical

Target: up-IMAPProxy <= 1.2.4

No auth needed

Prerequisites: Network access to the target's IMAP port (143) · Target running vulnerable version of up-IMAPProxy

MITRE ATT&CK