IMAP: Vulnerable Cyrus Version ( < 2.2.11)

This signature detects Cyrus IMAP Server versions earlier than 2.2.11, which contain buffer overflow vulnerabilities. Attackers can execute malicious code on a remote Cyrus IMAP server.

Extended Description

A memory corruption vulnerability has been discovered in SASL when generating logs files. It has been reported that under some circumstances SASL fails to allocate sufficient memory for string used in log entries. By causing Cyrus to generate a malicious log it may be possible for an attacker to corrupt memory. This could potentially be exploited to overwrite the LSB of a sensitive variable or possibly cause inaccurate logs to be created. It should be noted that although this vulnerability was discovered in Cyrus, it may also affect other programs that utilize the SASL library.

Affected Products

Apple mac_os_x

References

BugTraq: 6349

CVE: CVE-2002-1347

URL: http://online.securityfocus.com/archive/1/301864 http://www.debian.org/security/2002/dsa-215 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000557

Short Name

IMAP:VULN:CYRUS-2-1-11

Severity

Info

Recommended

False

Recommended Action

None

IMAP: Vulnerable Cyrus Version ( < 2.2.11)

Extended Description

Affected Products

References

Found a potential security threat?