Cyrus IMAP server prior 2.2.10 multiple remote vulnerabilities 1.0
 
Plugin ID339
Plugin nameCyrus IMAP server prior 2.2.10 multiple remote vulnerabilities
Plugin filenameCyrus IMAP server prior 2.2.10 multiple remote vulnerabilities.plugin
Plugin filesize2482 bytes
Plugin familySMTP
Plugin created nameMarc Ruef
Plugin created emailmarc.ruef at computec.ch
Plugin created webhttp://www.computec.ch
Plugin created companycomputec.ch
Plugin created date2005/01/09
Plugin version1.0
Plugin protocoltcp
Plugin port143
Plugin procedure detectionopen|sleep|close|pattern_exists "(1\..*|2\.([0-1]\..*|2\.[0-9][0-9].*))"*
Plugin detection accuracy80
Plugin commentThe NASL script is Copyright (C) 2004 Tenable Network Security
Bug produced nameCyrus
Bug affectedCyrus IMAP server prior 2.2.10
Bug not affectedCyrus IMAP server newer than 2.2.10
Bug vulnerability classUnknown
Bug descriptionAccording to its banner, the remote Cyrus IMAPD server is vulnerable to a remote buffer pre-authentication overflow as well as three post-authentication overflows. An attacker with or without a valid login could exploit those, and would be able to execute arbitrary commands as the owner of the Cyrus process.
Bug solutionUpgrade to Cyrus IMAPD 2.2.10 or newer.
Bug fixing timeApprox. 30 minutes
Bug exploit availabilityMaybe
Bug exploit urlhttp://www.securityfocus.com/bid/11729/exploit/
Bug remoteYes
Bug localYes
Bug severityHigh
Bug popularity6
Bug simplicity6
Bug impact9
Bug risk7
Bug Nessus riskHigh
Bug check toolsNessus can check this flaw with the plugin 15819 (Cyrus IMAPD Multiple Remote Vulnerabilities).
Source SecurityFocus BID11729
Source Nessus ID15819
Source LiteratureHacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427
Source Misc.http://www.computec.ch

This file was generated by the Attack Tool Kit (ATK), the open-sourced security scanner and exploiting framework.