| CVE ID | |
| CVSS SCORE | 10.0, AV:N/AC:L/Au:N/C:C/I:C/A:C |
| AFFECTED VENDORS |
SCO |
| AFFECTED PRODUCTS |
OpenServer |
| TREND MICRO CUSTOMER PROTECTION | Trend Micro TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID ['6535']. For further product information on the TippingPoint IPS: http://www.tippingpoint.com |
| VULNERABILITY DETAILS |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the SCO OpenServer IMAP daemon. Authentication is not required to exploit this vulnerability. The specific flaw exists within the imapd process responsible for handling remote IMAP requests. The process does not properly validate IMAP commands and arguments. Supplying an overly long command followed by an invalid argument can cause an exploitable overflow to occur. This vulnerability can be leveraged to execute arbitrary code. |
| ADDITIONAL DETAILS | |
| DISCLOSURE TIMELINE |
|
| CREDIT | Anonymous |
