| VID |
23058 |
| Severity |
40 |
| Port |
406 |
| Protocol |
TCP |
| Class |
IMSP |
| Detailed Description |
The Cyrus IMSP, according to its version number, a buffer overflow in the abook_dbname function.
Carnegie Mellon University's Cyrus IMSP is a implementation of the IMSP(Internet Message Support Protocol) protocol. Some versions are vulnerable to a buffer overflow vulnerability, caused by improper handling certain types of requests in the abook_dbname function. By issuing a too long argument as his name in the abook_dbname function, a remote attacker can cause a buffer overflow and execute arbitrary code on this system with the privileges of the root user.
* Note: This check solely relied on the version number of the remote Cyrus IMSP server to assess this vulnerability, so this might be a false positive.
* Refernces:
http://archives.neohapsis.com/archives/bugtraq/2003-12/0222.html
http://packetstormsecurity.org/0312-exploits/SPK-IMSPd.c
http://www.securiteam.com/exploits/6N00L1F95S.html
* Platforms Affected:
Carnegie Mellon University Cyrus IMSP 1.4
Carnegie Mellon University Cyrus IMSP 1.5a6
Carnegie Mellon University Cyrus IMSP 1.6a3
Carnegie Mellon University Cyrus IMSP 1.7
Various Any operating system Any version |
| Recommendation |
Upgrade to the latest version of Cyrus IMSP (1.6a4 or 1.7a or later) from the Cyrus Download Web page at http://asg.web.cmu.edu/cyrus/download/ |
| Related URL |
(CVE) |
| Related URL |
9227 (SecurityFocus) |
| Related URL |
13994 (ISS) |
|
