Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and previous versions leads to a buffer overflow, which may allow remote malicious users to execute arbitrary code via the username.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
carnegie mellon university cyrus imap server 2.1.10 |
||
carnegie mellon university cyrus imap server 2.1.16 |
||
carnegie mellon university cyrus imap server 2.2.4 |
||
carnegie mellon university cyrus imap server 2.2.5 |
||
carnegie mellon university cyrus imap server 1.4 |
||
carnegie mellon university cyrus imap server 1.5.19 |
||
carnegie mellon university cyrus imap server 2.2.0_alpha |
||
carnegie mellon university cyrus imap server 2.2.1_beta |
||
carnegie mellon university cyrus imap server 2.2.8 |
||
carnegie mellon university cyrus imap server 2.2.9 |
||
carnegie mellon university cyrus imap server 2.1.7 |
||
carnegie mellon university cyrus imap server 2.1.9 |
||
carnegie mellon university cyrus imap server 2.2.6 |
||
carnegie mellon university cyrus imap server 2.2.7 |
||
carnegie mellon university cyrus imap server 2.0.12 |
||
carnegie mellon university cyrus imap server 2.0.16 |
||
carnegie mellon university cyrus imap server 2.2.2_beta |
||
carnegie mellon university cyrus imap server 2.2.3 |
||
ubuntu ubuntu linux 4.1 |
||
redhat fedora core core_2.0 |
||
redhat fedora core core_3.0 |
Vulmon