Bug 486963 (CVE-2009-0671)
| Field | Value |
|---|---|
| Summary | CVE-2009-0671 uw-imap: remote format string vulnerability |
| Product | [Other] Security Response |
| Component | vulnerability |
| Reporter | Tomas Hoger <thoger> |
| Assignee | Red Hat Product Security <security-response-team> |
| Status | CLOSED INSUFFICIENT_DATA |
| Severity | urgent |
| Priority | urgent |
| Version | unspecified |
| CC | jdennis, jorton, rdieter |
| Keywords | Security |
| Hardware | All |
| OS | Linux |
| URL | http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0671 |
| Doc Type | Bug Fix |
| Last Closed | 2009-02-25 09:25:45 UTC |

Description
Tomas Hoger
2009-02-23 13:53:11 UTC
Official statement was published on NIST's NVD site:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0671

Disputed: The Red Hat Security Response Team have been unable to confirm the existence of this format string vulnerability in the toolkit, and the sample published exploit is not complete or functional.

This issue was investigated by Red Hat and upstream and we were unable to identify a specific flaw based on the published exploit. The exploit code is broken and does not even compile. Additionally, it seems to be a merge of two or more previous exploits; the format string was copied verbatim from:
http://skypher.com/wiki/index.php?title=Www.edup.tudelft.nl/~bjwever/exploits/Nightmare.c

While it's unclear whether the exploit was intentionally crippled to hide the real flaw, or it was fake from the beginning, we were not able to identify any format string issues that would affect UW imapd as suggested by the published exploit. Additional sources report that similarly broken fake exploits were published in the past, crediting the same author.

CVE id should be marked rejected by Mitre in the near future.