When the option imapmagicplus is activated on a server the
PROXY and LOGIN commands suffer a standard stack overflow,
because the username is not checked against a maximum length
when it is copied into a temporary stack buffer. This bug is
especially dangerous because it can be triggered before any
kind of authentification took place.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | cyrus-imapd | = 2.2.4 | UNKNOWN |
FreeBSD | any | noarch | cyrus-imapd | <= 2.2.8 | UNKNOWN |