Red Hat Bugzilla – Bug 486963
CVE-2009-0671 uw-imap: remote format string vulnerability
Last modified: 2009-02-25 04:25:45 EST
Common Vulnerabilities and Exposures assigned an identifier CVE-2009-0671 to the following vulnerability:
Format string vulnerability in the University of Washington (UW)
c-client library, as used by the UW IMAP toolkit imap-2007d and other
applications, allows remote attackers to execute arbitrary code via
format string specifiers in the initial request to the IMAP port
Official statement was published on the Nist's NVD site:
Disputed: The Red Hat Security Response Team have been unable to confirm the
existence of this format string vulnerability in the toolkit, and the sample
published exploit is not complete or functional.
This issue was investigated by Red Hat and upstream and we were unable to identify a specific flaw based on the published exploit. Exploit code is broken and does not even compile. Additionally, it seems to be a merge of two or more previous exploits, format string was copied verbatim from:
While it's unclear whether the exploit was intentionally crippled to hide real flaw, or it was fake from the beginning, we were not able to identify any format string issues that would affect UW imapd as suggested by the published exploit. Additional sources report that similarly broken fake exploits were published in the past, crediting same author.
CVE id should be marked rejected by Mitre in the near future.