IMAP: Cyrus IMAP Server LOGIN Overflow
This signature detects attempts to exploit a known vulnerability in the Cyrus IMAP Server. Attackers can send an overly long LOGIN command to compromise the server, enabling them to control the server with the privileges of the running process.
Extended Description
Several remote buffer overflow and heap corruption vulnerabilities in versions of Cyrus IMAPD up to 2.2.8 have been identified. These vulnerabilities reportedly allow remote, attacker-supplied machine code to be executed in the context of the affected server process. Cyrus-IMAPD is usually running as a non-privileged user.
Affected Products
Apple mac_os_x
Short Name
IMAP:CYRUS:LOGIN-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
IMAP
Keywords
CVE-2004-1011 CVE-2006-1255 Cyrus IMAP LOGIN Overflow Server bid:11729 bid:17138
Release Date
05/03/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Red_hat
Conectiva
Apple
Trustix
Openpkg
Carnegie_mellon_university
Ubuntu
CVSS Score
10.0