FreeBSD : Cyrus IMAP pre-authentication heap overflow vulnerability (35f6fdf8-a425-11d8-9c6d-0020ed76ef5a)

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

In December 2002, Timo Sirainen reported :

Cyrus IMAP server has a remotely exploitable pre-login buffer
overflow. [...] Note that you don't have to log in before exploiting
this, and since Cyrus runs everything under one UID, it's possible to
read every user's mail in the system.

It is unknown whether this vulnerability is exploitable for code
execution on FreeBSD systems.

See also :

http://marc.info/?l=bugtraq&m=103886607825605
http://www.nessus.org/u?57728e03
http://www.nessus.org/u?cd270b5f

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.5
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 36492 (freebsd_pkg_35f6fdf8a42511d89c6d0020ed76ef5a.nasl)

Bugtraq ID: 6298

CVE ID: CVE-2002-1580

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now