Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2005-2878 — Use of Externally-Controlled Format String in Mailutils

8 documents6 sources

Severity

7.5HIGHNVD

EPSS

57.1%

top 1.85%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

GNU Mailutils

Timeline

PublishedSep 13

Latest updateMay 1

Description

Format string vulnerability in search.c in the imap4d server in GNU Mailutils 0.6 allows remote authenticated users to execute arbitrary code via format string specifiers in the SEARCH command.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶Debiangnu/mailutils< 1:0.6.90-3+3

▶NVDgnu/mailutils0.6

Patches

Patch: savannah.gnu.org ↗Patch: www.idefense.com ↗Patch: savannah.gnu.org ↗

🔴Vulnerability Details

GHSA

GHSA-6mvq-9mv3-ppcp: Format string vulnerability in search↗2022-05-01

▶

CVEList

CVE-2005-2878: Format string vulnerability in search↗2005-09-13

▶

OSV

CVE-2005-2878: Format string vulnerability in search↗2005-09-13

▶

💥Exploits & PoCs

Exploit-DB

GNU Mailutils imap4d 0.6 - exec-shield Remote Format String↗2007-04-24

▶

Exploit-DB

GNU Mailutils imap4d 0.6 (FreeBSD) - 'Search' Remote Format String↗2005-09-26

▶

Exploit-DB

GNU Mailutils imap4d 0.6 - 'Search' Remote Format String↗2005-09-10

▶

📋Vendor Advisories

Debian

CVE-2005-2878: mailutils - Format string vulnerability in search.c in the imap4d server in GNU Mailutils 0....↗2005

▶