| VID |
18042 |
| Severity |
40 |
| Port |
143 |
| Protocol |
TCP |
| Class |
IMAP |
| Detailed Description |
The Cyrus IMAP server, according to its banner, has a a remotely exploitable pre-login buffer overflow.
Cyrus IMAPD is a freely available, open source Interactive Mail Access Protocol (IMAP) daemon. It is available for Unix and Linux operating systems.
It has been reported that Cyrus IMAPD 1.4 up to and including version 2.1.10 do not sufficiently handle overly long strings. In some cases, when a user connects to the daemon, and upon negotiating the connection sends a login string of excessive length, a buffer overflow occurs. This could result in heap corruption and arbitrary words in memory being overwritten. It may be possible to exploit this issue to execute arbitrary code.
* Platforms Affected:
Carnegie Mellon University Cyrus IMAP Server 1.4 up to and including version 2.1.10
* Note: This check item solely relied on the version of the remote IMAP server to assess this vulnerability, so this might be a false positive. |
| Recommendation |
Apply the appropriate patch for your system, as listed in the following site:
http://online.securityfocus.com/bid/6298/solution/
-- OR --
This issue is resolved in version 2.1.11 and 2.0.17. Upgrade to the latest version (2.0.17 or 2.1.11) of Cyrus IMAPD, available from http://asg.web.cmu.edu/cyrus/download/ |
| Related URL |
CVE-2002-1580 (CVE) |
| Related URL |
6298 (SecurityFocus) |
| Related URL |
10744 (ISS) |
|
