Cyrus IMAP getxstring() Large Literal Unspecified

2002-06-25T02:41:26
ID OSVDB:7308
Type osvdb
Reporter OSVDB
Modified 2002-06-25T02:41:26

Description

Vulnerability Description

The Cyrus IMAP Server contains a flaw related to the handling of large literals in getxstring() that may allow an attacker to cause a denial of service or potentially execute arbitrary code. No further details have been provided.

Solution Description

Upgrade to version 2.1.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

The Cyrus IMAP Server contains a flaw related to the handling of large literals in getxstring() that may allow an attacker to cause a denial of service or potentially execute arbitrary code. No further details have been provided.

References:

Vendor URL: http://asg.web.cmu.edu/cyrus/imapd/ Vendor Specific Advisory URL