CVE-2005-2661

EPSS 19.7%

up-imapproxy - arbitrary code execution

Published: 10/14/2005Modified: 4/28/2026

Also known as:DEBIAN-CVE-2005-2661

Description

Format string vulnerability in the ParseBannerAndCapability function in main.c for up-imapproxy 1.2.3 and 1.2.4 allows remote IMAP servers to execute arbitrary code via format string specifiers in a banner or capability line.

Affected packages (2)

Debian/up-imapproxyfrom 0, < 1.2.4-2
Debian/up-imapproxyfrom 0, < 1.2.3-1sarge1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2005-2661