| |
Vulnerability CVE-1999-1224
Published: 1997-10-08 Modified: 2012-02-12
| Description: |
IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a core dump that may contain sensitive password information. |
Type:
CWE-Other
CVSS2 => (AV:L/AC:L/Au:N/C:P/I:N/A:P)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
3.6/10 |
4.9/10 |
3.9/10 |
| Exploit range |
Attack complexity |
Authentication |
Local |
Low |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
None |
Partial |
References: |
http://marc.info/?l=bugtraq&m=87635124302928&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/349
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
