University Of Washington: Security Vulnerabilities
IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a core dump that may contain sensitive password information.
CVSS Score
3.6
EPSS Score
0.002
Published
1997-10-08
Buffer overflow in University of Washington's implementation of IMAP and POP servers.
CVSS Score
10.0
EPSS Score
0.055
Published
1997-04-07
The GNU tar command, when used in FTP sessions, may allow an attacker to execute arbitrary commands.
CVSS Score
7.5
EPSS Score
0.007
Published
1997-01-01
Pine before version 3.94 allows local users to gain privileges via a symlink attack on a lockfile that is created when a user receives new mail.
CVSS Score
4.6
EPSS Score
0.001
Published
1996-08-26
Page 4