Lucene search
FreeBSD816FDD8B-3D14-11D9-8818-008088034841HistoryNov 06, 2004 - 12:00 a.m.
Cyrus IMAPd -- IMAPMAGICPLUS preauthentification overflow
2004-11-0600:00:00
vuxml.freebsd.org
14
0.104 Low
EPSS
Percentile
95.0%
When the option imapmagicplus is activated on a server the
PROXY and LOGIN commands suffer a standard stack overflow,
because the username is not checked against a maximum length
when it is copied into a temporary stack buffer. This bug is
especially dangerous because it can be triggered before any
kind of authentification took place.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| FreeBSD | any | noarch | cyrus-imapd | = 2.2.4 | UNKNOWN |
| FreeBSD | any | noarch | cyrus-imapd | <= 2.2.8 | UNKNOWN |
Related
nessus
nessus
FreeBSD : Cyrus IMAPd -- IMAPMAGICPLUS preauthentification overflow (816fdd8b-3d14-11d9-8818-008088034841)
2005-07-13 00:00:00
SUSE-SA:2004:043: cyrus-imapd
2004-12-07 00:00:00
GLSA-200411-34 : Cyrus IMAP Server: Multiple remote vulnerabilities
2004-11-25 00:00:00
cvelist
cvelist
CVE-2004-1015
2004-12-01 05:00:00
CVE-2004-1011
2004-12-01 05:00:00
debiancve
debiancve
CVE-2004-1015
2005-01-10 05:00:00
CVE-2004-1011
2005-01-10 05:00:00
ubuntucve
ubuntucve
CVE-2004-1015
2005-01-10 00:00:00
CVE-2004-1011
2005-01-10 00:00:00
openvas
openvas
FreeBSD Ports: cyrus-imapd
2008-09-04 00:00:00
FreeBSD Ports: cyrus-imapd
2008-09-04 00:00:00
FreeBSD Ports: cyrus-imapd
2008-09-04 00:00:00
cve
cve
CVE-2004-1011
2005-01-10 05:00:00
CVE-2004-1015
2005-01-10 05:00:00
suse
suse
remote command execution in cyrus-imapd
2004-12-03 13:37:30
altlinux
altlinux
Security fix for the ALT Linux 8 package cyrus-imapd version 2.2.9-alt1
2004-11-23 00:00:00
securityvulns
securityvulns
Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities
2004-11-24 00:00:00
gentoo
gentoo
Cyrus IMAP Server: Multiple remote vulnerabilities
2004-11-25 00:00:00