carnegie mellon university cyrus imap server 2.0.16 vulnerabilities and exploits

(subscribe to this query)

7.5

CVSSv2

Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote malicious users to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347.

Carnegie Mellon University Cyrus Imap Server 2.0.12 Carnegie Mellon University Cyrus Imap Server 2.0.16 Carnegie Mellon University Cyrus Imap Server 2.1.10 Carnegie Mellon University Cyrus Imap Server 2.1.9 Carnegie Mellon University Cyrus Imap Server 1.4 Carnegie Mellon University Cyrus Imap Server 1.5.19

1 EDB exploit

10

CVSSv2

Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and previous versions, with the imapmagicplus option enabled, may allow remote malicious users to execute arbitrary code, a different vulnerability than CVE-2004-1011.

Carnegie Mellon University Cyrus Imap Server 1.4 Carnegie Mellon University Cyrus Imap Server 1.5.19 Carnegie Mellon University Cyrus Imap Server 2.2.1 Beta Carnegie Mellon University Cyrus Imap Server 2.2.2 Beta Carnegie Mellon University Cyrus Imap Server 2.2.9 Carnegie Mellon University Cyrus Imap Server 2.1.9 Carnegie Mellon University Cyrus Imap Server 2.2.0 Alpha Carnegie Mellon University Cyrus Imap Server 2.2.7 Carnegie Mellon University Cyrus Imap Server 2.1.16 Carnegie Mellon University Cyrus Imap Server 2.1.7 Carnegie Mellon University Cyrus Imap Server 2.2.5 Carnegie Mellon University Cyrus Imap Server 2.2.6 Carnegie Mellon University Cyrus Imap Server 2.2.8 Carnegie Mellon University Cyrus Imap Server 2.0.12 Carnegie Mellon University Cyrus Imap Server 2.0.16 Carnegie Mellon University Cyrus Imap Server 2.1.10 Carnegie Mellon University Cyrus Imap Server 2.2.3 Carnegie Mellon University Cyrus Imap Server 2.2.4 Ubuntu Ubuntu Linux 4.1 Redhat Fedora Core Core 2.0 Redhat Fedora Core Core 3.0

10

CVSSv2

Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and previous versions leads to a buffer overflow, which may allow remote malicious users to execute arbitrary code via the username.

Carnegie Mellon University Cyrus Imap Server 2.1.10 Carnegie Mellon University Cyrus Imap Server 2.1.16 Carnegie Mellon University Cyrus Imap Server 2.2.4 Carnegie Mellon University Cyrus Imap Server 2.2.5 Carnegie Mellon University Cyrus Imap Server 1.4 Carnegie Mellon University Cyrus Imap Server 1.5.19 Carnegie Mellon University Cyrus Imap Server 2.2.0 Alpha Carnegie Mellon University Cyrus Imap Server 2.2.1 Beta Carnegie Mellon University Cyrus Imap Server 2.2.8 Carnegie Mellon University Cyrus Imap Server 2.2.9 Carnegie Mellon University Cyrus Imap Server 2.1.7 Carnegie Mellon University Cyrus Imap Server 2.1.9 Carnegie Mellon University Cyrus Imap Server 2.2.6 Carnegie Mellon University Cyrus Imap Server 2.2.7 Carnegie Mellon University Cyrus Imap Server 2.0.12 Carnegie Mellon University Cyrus Imap Server 2.0.16 Carnegie Mellon University Cyrus Imap Server 2.2.2 Beta Carnegie Mellon University Cyrus Imap Server 2.2.3 Ubuntu Ubuntu Linux 4.1 Redhat Fedora Core Core 2.0 Redhat Fedora Core Core 3.0

5

CVSSv2

Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, allows remote malicious users to cause a denial of service (hang) using PHP IMAP clients.

Carnegie Mellon University Cyrus Imap Server 1.6.24 Carnegie Mellon University Cyrus Imap Server 2.0.15 Carnegie Mellon University Cyrus Imap Server 2.0.16 Bsdi Bsd Os 4.2

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook