CVE-2005-2878

This exploit targets a format string vulnerability in GNU imap4d mailutils-0.6, allowing remote code execution via a crafted 'search' command. It bypasses exec-shield by leaking the address of do_system() and overwriting the .dtors section to execute arbitrary commands (e.g., xterm).

This exploit targets a format string vulnerability in GNU Mailutils 0.6 imap4d's 'search' command. It leverages a format string attack to overwrite memory addresses and execute arbitrary shellcode, which spawns a bind shell on port 30464.

This exploit targets a format string vulnerability in GNU Mailutils 0.6 imap4d via the 'search' command. It leverages hardcoded addresses for Debian testing (etch) to overwrite the IO_file_close function pointer and execute shellcode, resulting in remote code execution.