Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Cyrus IMAPD < 2.2.10 Multiple Vulnerabilities

High

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

According to its banner, the remote Cyrus IMAPD server is vulnerable to a pre-login buffer overflow. Cyrus IMAP server is also vulnerable to three other buffer overflows after authentication. An attacker with or without a valid login could exploit these issues, and would be able to execute arbitrary commands as the owner of the Cyrus process.

Solution

Upgrade to Cyrus IMAPD 2.2.10 or higher.