Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSDB2D248AD-88F6-11D9-AA18-0001020EED82
HistoryFeb 14, 2005 - 12:00 a.m.

cyrus-imapd -- multiple buffer overflow vulnerabilities

2005-02-1400:00:00
vuxml.freebsd.org
23

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

86.1%

JSON

The Cyrus IMAP Server ChangeLog states:

Fix possible single byte overflow in mailbox handling
code.
Fix possible single byte overflows in the imapd
annotate extension.
Fix stack buffer overflows in fetchnews (exploitable
by peer news server), backend (exploitable by admin),
and in imapd (exploitable by users though only on
platforms where a filename may be larger than a mailbox
name).

The 2.1.X series are reportedly only affected by the second
issue.
These issues may lead to execution of arbitrary code with
the permissions of the user running the Cyrus IMAP
Server.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchcyrus-imapd< 2.1.18UNKNOWN

Related

nessus 8
centos 1
openvas 5
cve 1
redhat 1
cvelist 1
ubuntu 1
nvd 1
gentoo 1
ubuntucve 1
nessus
nessus
Mandrake Linux Security Advisory : cyrus-imapd (MDKSA-2005:051)
2005-03-06 00:00:00
Fedora Core 3 : cyrus-imapd-2.2.12-1.1.fc3 (2005-339)
2012-09-24 00:00:00
CentOS 4 : cyrus-imapd (CESA-2005:408)
2006-07-05 00:00:00
centos
centos
cyrus, perl security update
2005-05-17 23:27:18
openvas
openvas
FreeBSD Ports: cyrus-imapd
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200502-29 (cyrus-imapd)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200502-29 (cyrus-imapd)
2008-09-24 00:00:00
cve
cve
CVE-2005-0546
2005-05-02 04:00:00
redhat
redhat
(RHSA-2005:408) cyrus-imapd security update
2005-05-17 00:00:00
cvelist
cvelist
CVE-2005-0546
2005-02-25 05:00:00
ubuntu
ubuntu
Cyrus IMAP server vulnerability
2005-02-28 00:00:00
nvd
nvd
CVE-2005-0546
2005-05-02 04:00:00
gentoo
gentoo
Cyrus IMAP Server: Multiple overflow vulnerabilities
2005-02-23 00:00:00
ubuntucve
ubuntucve
CVE-2005-0546
2005-05-02 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

86.1%

JSON
Related for B2D248AD-88F6-11D9-AA18-0001020EED82
nessus8centos1openvas5cve1redhat1cvelist1ubuntu1nvd1gentoo1ubuntucve1