iDEFENSE Security Advisory 05.25.05-4 - Remote exploitation of a format string vulnerability in the imap4d server within version 0.6 of the GNU Project's Mailutils package could allow an unauthenticated attacker to execute arbitrary code. iDEFENSE Labs has verified the existence of this vulnerability in versions 0.5 and 0.6 of the GNU Mailutils package. It is suspected that any previous versions which contain the imap4d server are also affected.
4cf6b51e3b3de7821c70ccf23e85db00e625d0bb564cf87adce27d31b50b5a98
Gentoo Linux Security Advisory GLSA 200505-20 - infamous41d discovered several vulnerabilities in GNU Mailutils. imap4d does not correctly implement formatted printing of command tags (CVE-2005-1523), fails to validate the range sequence of the FETCH command (CVE-2005-1522), and contains an integer overflow in the fetch_io routine (CVE-2005-1521). mail contains a buffer overflow in header_get_field_name() (CVE-2005-1520). Versions less than 0.6-r1 are affected.
c2fb67e7ef5e9d7869519665523ab1b56b6a1f13618b8118efd53ef25ee92044
Debian Security Advisory DSA 732-1 - infamous41md discovered several vulnerabilities in the GNU mailutils package which contains utilities for handling mail. These problems can lead to a denial of service or the execution of arbitrary code.
1005b0538ef9725d5772e9e17747592bfda51d019fd5077e00a9b28c52168511