LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Sponsored link

Vyatta – Linux & Open Source Alternative to Cisco – Advanced Routing, Firewall, VPN, QoS..
Free Download ->

Recent Features

LWN.net Weekly Edition for September 4, 2008

The Kernel Hacker's Bookshelf: UNIX Internals

DRI, BSD, and Linux

SCHED_FIFO and realtime throttling

LWN.net Weekly Edition for August 28, 2008

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

cyrus-imapd - Remote command execution vulnerability

Package(s):cyrus-imapd CVE #(s):
Created:December 29, 2002 Updated:January 1, 2003
Description: The Cyrus IMAP Server is an e-mail application that uses the Internet Message Access Protocol (IMAP). It allows an user to perform certain mail functions on a remote server rather than on a local computer.

Timo Sirainen discovered[1] a remotely exploitable pre-login buffer overflow in cyrus imapd. The problem resides in the way memory is managed (an integer overflow can cause less memory than needed to be allocated).

This vulnerability[2] may be exploited prior to authentication to the IMAP server and could allow a remote attacker to read other users' mail and to execute arbitrary code with the privileges of the user running the IMAP server (Conectiva Linux has a special unprivileged user called 'cyrus' responsible for that).

REFERENCES: 1.http://online.securityfocus.com/archive/1/301864
2.http://www.kb.cert.org/vuls/id/740169

Alerts:
Conectiva CLA-2002:557 2002-12-27
Debian DSA-215-1 2002-12-23
(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds