Lucene search
FreeBSD35F6FDF8-A425-11D8-9C6D-0020ED76EF5AHistoryDec 02, 2002 - 12:00 a.m.
Cyrus IMAP pre-authentication heap overflow vulnerability
2002-12-0200:00:00
vuxml.freebsd.org
12
0.393 Low
EPSS
Percentile
97.2%
In December 2002, Timo Sirainen reported:
Cyrus IMAP server has a remotely exploitable pre-login
buffer overflow. […] Note that you don’t have to log in
before exploiting this, and since Cyrus
runs everything under one UID, it’s possible to read every
user’s mail in the system.
It is unknown whether this vulnerability is exploitable for code
execution on FreeBSD systems.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| FreeBSD | any | noarch | cyrus-imapd | < 2.0.17 | UNKNOWN |
Related
nessus
nessus
FreeBSD : Cyrus IMAP pre-authentication heap overflow vulnerability (33)
2004-07-06 00:00:00
Debian DSA-215-1 : cyrus-imapd - buffer overflow
2004-09-29 00:00:00
osv
osv
cyrus-imapd - buffer overflow
2002-12-23 00:00:00
openvas
openvas
Cyrus IMAP pre-login buffer overflow
2005-11-03 00:00:00
FreeBSD Ports: cyrus
2008-09-04 00:00:00
FreeBSD Ports: cyrus
2008-09-04 00:00:00
cve
cve
CVE-2002-1580
2004-06-14 04:00:00
cvelist
cvelist
CVE-2002-1580
2004-05-20 04:00:00
debiancve
debiancve
CVE-2002-1580
2004-06-14 04:00:00