[VIM] possibly false: CVE-2009-0671 (IMAP c-client format string)
Steven M. Christey
coley at linus.mitre.org
Tue Feb 24 16:02:02 UTC 2009
Researcher: Faryad rahmany

It's been pointed out to me that CVE-2009-0671 is likely fake. At the
very least, the exploit has serious problems:

1) It uses Unix-specific include files but calls the Windows-specific
   WSAStartup()

2) It contains clear syntax errors like he-h_addr

This was also reported in BID:33795 and
XF:imap-toolkit-cclient-format-string(48798). No idea if they've done
additional research.

Currently I'm writing it up as questionable, but a more direct vendor
dispute might follow soon.

- Steve
======================================================
Name: CVE-2009-0671
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0671
Reference: MISC:http://packetstormsecurity.org/0902-exploits/uwimap-format.txt
Reference: BID:33795
Reference: URL:http://www.securityfocus.com/bid/33795
Reference: XF:imap-toolkit-cclient-format-string(48798)
Reference: URL:http://xforce.iss.net/xforce/xfdb/48798
Format string vulnerability in the University of Washington (UW)
c-client library, as used by the UW IMAP toolkit imap-2007d and other
applications, allows remote attackers to execute arbitrary code via
format string specifiers in the initial request to the IMAP port
(143/tcp). NOTE: it is highly likely that this report is inaccurate,
since the associated exploit contains syntax errors and uses Unix-only
include files while invoking Windows functions.
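
The two consistency checks described in the message above, written as a small triage script. This is an added example, not part of the original post or of any CVE tooling; the header and function lists, the triage() helper and the C fragment in SAMPLE are constructed for illustration. The checks are regex heuristics on raw text and do not parse C or strip comments.

```python
import re

# Well-known headers found only on Unix-like systems / only on Windows.
UNIX_HEADERS = {"unistd.h", "netdb.h", "sys/socket.h", "netinet/in.h", "arpa/inet.h"}
WIN_HEADERS = {"winsock.h", "winsock2.h", "windows.h", "ws2tcpip.h"}
# Winsock-only functions; none of the Unix headers above declare them.
WIN_CALLS = ("WSAStartup", "WSACleanup", "WSAGetLastError", "closesocket")
# Members of struct hostent, normally reached through a pointer with "->".
HOSTENT_MEMBERS = ("h_addr_list", "h_addrtype", "h_length", "h_addr", "h_name")

INCLUDE_RE = re.compile(r'^\s*#\s*include\s*[<"]([^>"]+)[>"]', re.M)
CALL_RE = re.compile(r"\b(" + "|".join(WIN_CALLS) + r")\s*\(")
# An identifier, a lone "-" (not "->"), then a hostent member name.
BROKEN_ARROW_RE = re.compile(
    r"\b[A-Za-z_]\w*\s*-\s*(?:" + "|".join(HOSTENT_MEMBERS) + r")\b")

def triage(source: str) -> list[str]:
    """Return findings that cast doubt on whether a C proof of concept builds."""
    includes = {h.strip().lower() for h in INCLUDE_RE.findall(source)}
    findings = []
    win_calls = sorted(set(CALL_RE.findall(source)))
    unix = sorted(includes & UNIX_HEADERS)
    # Check 1: Windows-only calls while only Unix headers are included.
    if win_calls and unix and not (includes & WIN_HEADERS):
        findings.append("platform-mismatch: %s called with only Unix headers (%s)"
                        % (", ".join(win_calls), ", ".join(unix)))
    # Check 2: hostent member reached with "-" where "->" was clearly meant.
    for lineno, line in enumerate(source.splitlines(), 1):
        if BROKEN_ARROW_RE.search(line):
            findings.append("broken-member-access: line %d: %s" % (lineno, line.strip()))
    return findings

# Constructed fragment showing both problems; it is not the published file.
SAMPLE = """\
#include <stdio.h>
#include <netdb.h>
#include <sys/socket.h>

int main(void) {
    WSADATA wsa;
    struct hostent *he;
    WSAStartup(0x0202, &wsa);
    he = gethostbyname("mail.example.test");
    char *addr = he-h_addr;
    return 0;
}
"""

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```

A finding here means the submission does not compile as published, which is a reason to mark an entry questionable pending vendor confirmation; it says nothing either way about the underlying library.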