Plugin ID | 338 |
Plugin name | Cyrus IMAP server prior 2.1.11 pre-login buffer overflow |
Plugin filename | Cyrus IMAP server prior 2.1.11 pre-login buffer overflow.plugin |
Plugin filesize | 2721 bytes |
Plugin family | SMTP |
Plugin created name | Marc Ruef |
Plugin created email | marc.ruef at computec.ch |
Plugin created web | http://www.computec.ch |
Plugin created company | computec.ch |
Plugin created date | 2005/01/09 |
Plugin version | 1.0 |
Plugin protocol | tcp |
Plugin port | 143 |
Plugin procedure detection | open|sleep|close|pattern_exists *OK*Cyrus IMAP4 v[0-1].*server ready* OR *OK*Cyrus IMAP4 v2.0.#*server ready* OR *OK*Cyrus IMAP4 v2.1.[0-9] *server ready* OR *OK*Cyrus IMAP4 v2.1.1[0-1]*server ready* |
Plugin detection accuracy | 80 |
Plugin comment | The NASL script is Copyright (C) 2002 Paul Johnston, Westpoint Ltd |
Bug advisory | http://online.securityfocus.com/archive/1/301864 |
Bug produced name | Cyrus |
Bug affected | Cyrus IMAP server prior 2.1.11 |
Bug not affected | Cyrus IMAP server newer than 2.1.11 |
Bug vulnerability class | Buffer Overflow |
Bug description | According to its banner, the remote Cyrus IMAP server is vulnerable to a pre-login buffer overrun. An attacker without a valid login could exploit this, and would be able to execute arbitrary commands as the owner of the Cyrus process. This would allow full access to all users' mailboxes. More information : http://online.securityfocus.com/archive/1/301864 |
Bug solution | If possible, upgrade to an unaffected version. However, at the time of writing no official fix was available. There is a source patch against 2.1.10 in the Bugtraq report. |
Bug fixing time | Approx. 30 minutes |
Bug exploit availability | Maybe |
Bug remote | Yes |
Bug local | Yes |
Bug severity | High |
Bug popularity | 6 |
Bug simplicity | 7 |
Bug impact | 9 |
Bug risk | 7 |
Bug Nessus risk | High |
Bug check tools | Nessus can check this flaw with the plugin 11196 (Cyrus IMAP pre-login buffer overrun). |
Source Nessus ID | 11196 |
Source Literature | Hacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427 |
Source Misc. | http://www.computec.ch |