IMAP: Cyrus Partial Command Buffer Overflow
This signature detects attempts to exploit a known vulnerability against the Cyrus IMAP server. Attackers can use a malformed command to overflow a buffer and take control of the server.
Extended Description
Several remote buffer overflow and heap corruption vulnerabilities in versions of Cyrus IMAPD up to 2.2.8 have been identified. These vulnerabilities reportedly allow remote, attacker-supplied machine code to be executed in the context of the affected server process. Cyrus-IMAPD is usually running as a non-privileged user.
Affected Products
Apple mac_os_x
References
BugTraq: 11729
CVE: CVE-2004-1012
URL: http://www.debian.org/security/2004/dsa-597 http://marc.theaimsgroup.com/?l=bugtraq&m=110134117423743&w=2
Short Name
IMAP:CYRUS:PARTIAL-CMD
Severity
Major
Recommended
False
Recommended Action
Drop
Category
IMAP
Keywords
Buffer CVE-2004-1012 Command Cyrus Overflow Partial bid:11729
Release Date
12/02/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Red_hat
Conectiva
Apple
Trustix
Openpkg
Carnegie_mellon_university
Ubuntu
CVSS Score
10.0