Lucene search

[email protected]CVE-2004-1011

HistoryJan 10, 2005 - 5:00 a.m.

CVE-2004-1011

2005-01-1005:00:00

[email protected]

web.nvd.nist.gov

cve-2004-1011

buffer overflow

cyrus imap server

remote code execution

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.7 High

AI Score

Confidence

High

0.104 Low

EPSS

Percentile

95.0%

JSON

Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015.

Affected configurations

NVD

Node

carnegie_mellon_universitycyrus_imap_serverMatch2.1.7

carnegie_mellon_universitycyrus_imap_serverMatch2.1.9

carnegie_mellon_universitycyrus_imap_serverMatch2.1.10

carnegie_mellon_universitycyrus_imap_serverMatch2.1.16

carnegie_mellon_universitycyrus_imap_serverMatch2.2.0_alpha

carnegie_mellon_universitycyrus_imap_serverMatch2.2.1_beta

carnegie_mellon_universitycyrus_imap_serverMatch2.2.2_beta

carnegie_mellon_universitycyrus_imap_serverMatch2.2.3

carnegie_mellon_universitycyrus_imap_serverMatch2.2.4

carnegie_mellon_universitycyrus_imap_serverMatch2.2.5

carnegie_mellon_universitycyrus_imap_serverMatch2.2.6

carnegie_mellon_universitycyrus_imap_serverMatch2.2.7

carnegie_mellon_universitycyrus_imap_serverMatch2.2.8

openpkgopenpkgMatchcurrent

conectivalinuxMatch9.0

conectivalinuxMatch10.0

Node

redhatfedora_coreMatchcore_2.0

redhatfedora_coreMatchcore_3.0

trustixsecure_linuxMatch2.0

trustixsecure_linuxMatch2.1

trustixsecure_linuxMatch2.2

ubuntuubuntu_linuxMatch4.1ia64

ubuntuubuntu_linuxMatch4.1ppc

CPENameOperatorVersion
carnegie_mellon_university:cyrus_imap_servercarnegie mellon university cyrus imap servereq2.1.7
carnegie_mellon_university:cyrus_imap_servercarnegie mellon university cyrus imap servereq2.1.9
carnegie_mellon_university:cyrus_imap_servercarnegie mellon university cyrus imap servereq2.1.10
carnegie_mellon_university:cyrus_imap_servercarnegie mellon university cyrus imap servereq2.1.16
carnegie_mellon_university:cyrus_imap_servercarnegie mellon university cyrus imap servereq2.2.0_alpha
carnegie_mellon_university:cyrus_imap_servercarnegie mellon university cyrus imap servereq2.2.1_beta
carnegie_mellon_university:cyrus_imap_servercarnegie mellon university cyrus imap servereq2.2.2_beta
carnegie_mellon_university:cyrus_imap_servercarnegie mellon university cyrus imap servereq2.2.3
carnegie_mellon_university:cyrus_imap_servercarnegie mellon university cyrus imap servereq2.2.4
carnegie_mellon_university:cyrus_imap_servercarnegie mellon university cyrus imap servereq2.2.5

CPE	Name	Operator	Version
carnegie_mellon_university:cyrus_imap_server	carnegie mellon university cyrus imap server	eq	2.1.7
carnegie_mellon_university:cyrus_imap_server	carnegie mellon university cyrus imap server	eq	2.1.9
carnegie_mellon_university:cyrus_imap_server	carnegie mellon university cyrus imap server	eq	2.1.10
carnegie_mellon_university:cyrus_imap_server	carnegie mellon university cyrus imap server	eq	2.1.16
carnegie_mellon_university:cyrus_imap_server	carnegie mellon university cyrus imap server	eq	2.2.0_alpha
carnegie_mellon_university:cyrus_imap_server	carnegie mellon university cyrus imap server	eq	2.2.1_beta
carnegie_mellon_university:cyrus_imap_server	carnegie mellon university cyrus imap server	eq	2.2.2_beta
carnegie_mellon_university:cyrus_imap_server	carnegie mellon university cyrus imap server	eq	2.2.3
carnegie_mellon_university:cyrus_imap_server	carnegie mellon university cyrus imap server	eq	2.2.4
carnegie_mellon_university:cyrus_imap_server	carnegie mellon university cyrus imap server	eq	2.2.5