GNU.Mailutils.Imap4D.Search.Command.Format.String
Description
imap4d is prone to a remote format string vulnerability.
The issue presents itself when the service handles malicious search commands from a client.
Affected Products
This issue has been confirmed in GNU Mailutils 0.6.
Impact
A successful attack may result in arbitrary code execution. This may facilitate unauthorized access or privilege escalation in the context of the server.
Recommended Actions
Apply the patch.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |