CVE-2005-2661

Name of the Vulnerable Software and Affected Versions up-imapproxy versions 1.2.3 through 1.2.4

Description A format string issue in the ParseBannerAndCapability function allows remote IMAP servers to execute arbitrary code via format string specifiers in a banner or capability line.

Recommendations For up-imapproxy versions 1.2.3 and 1.2.4, consider disabling the ParseBannerAndCapability function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.