CVE-1999-1224
LowExploitation Probability (EPSS)
Low risk25th percentile — higher than 25% of all known CVEs
Summary
IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, leading to a core dump that may contain sensitive password information.
Risk Assessment
Local users can exploit this vulnerability to crash the server, potentially leading to service unavailability and exposure of sensitive data.
Recommendation
It is recommended to update to the latest version of the IMAP software that addresses signal handling issues and to monitor logs for unauthorized access attempts.
Original NVD description (English source)
IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a core dump that may contain sensitive password information.

