Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Sun, 27 May 2012 23:02:11 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=2022902806&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2F0102-exploits%2Fimapd_exploit.c%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.2022902806.1338159731.1338159731.1338159731.1%3B%2B__utmz%3D32867617.1338159731.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/24357/imapd_exploit.c http://packetstormsecurity.org/files/24357/imapd_exploit.c http://packetstormsecurity.org/files/24357/imapd_exploit.c.html Sat, 24 Feb 2001 01:26:19 GMT A remotely exploitable stack overflow has been discovered in Imapd v12.264 and below in the handling of the lsub command. Since an account is required, mail only users will be able to get shell access. Tested against Slackware 7.0, 7.1, Redhat 6.2, and Conectiva Linux 6.0. Fix available here.