Perdition IMAPD __STR_VWRITE Remote Format String Vulnerability

Perdition IMAPD __STR_VWRITE Remote Format String Vulnerability

The researcher responsible for discovering this issue has developed proof-of-concept exploit code, but it is not publicly available; please see the references for details.

The following proof of concept is available:

perl -e 'print "abc%n\x00\n"' | nc perdition.example.com 143

Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.