CVE-2004-0777

Description

Format string vulnerability in the auth_debug function in Courier-IMAP 1.6.0 through 2.2.1 and 3.x through 3.0.3, when login debugging (DEBUG_LOGIN) is enabled, allows remote attackers to execute arbitrary code.

How to fix CVE-2004-0777

To remediate CVE-2004-0777, upgrade the affected package to a fixed version below.

• Debian/courier—upgrade to 0.45.6-1 or later

Is CVE-2004-0777 being exploited?

Moderate — EPSS is 15.9%. Track this CVE but it's not at the top of the prioritisation list.

Affected packages (1)

• from 0, < 0.45.6-1

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2004-0777