CVE-1999-1224
First published: Wed Oct 08 1997(Updated: )
IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a core dump that may contain sensitive password information.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| University of Washington UW-IMAP | ||
| University of Washington UW-IMAP | =4.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-1999-1224?
CVE-1999-1224 is considered a local denial of service vulnerability.
How do I fix CVE-1999-1224?
To fix CVE-1999-1224, it is recommended to update to a version of the IMAP server that addresses this vulnerability.
Which software is affected by CVE-1999-1224?
CVE-1999-1224 affects University of Washington IMAP versions 4.1 and potentially earlier versions.
Can CVE-1999-1224 lead to information disclosure?
Yes, CVE-1999-1224 can potentially lead to information disclosure through core dumps that may contain sensitive password information.
Is CVE-1999-1224 exploitable remotely?
No, CVE-1999-1224 is a local vulnerability that requires access to the server to exploit.
- agent/references
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/description
- agent/last-modified-date
- agent/author
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-historical
- vendor/university of washington
- product/imapd
- canonical/university of washington imapd
- agent/software-canonical-lookup-request
- collector/nvd-index
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- canonical/university of washington uw-imap
- version/university of washington uw-imap/4.1