Check Point Advisories

Preemptive Protection against Cyrus IMAP Server USER Command Code Execution

Check Point Reference: CPAI-2006-052
Date Published: 27 May 2006
Severity: Medium
Last Updated: Monday 07 May, 2007
Source: FrSIRT/ADV-2006-1891
Industry Reference: CVE-2006-2502
Protection Provided by:
Who is Vulnerable? Cyrus IMAP Server versions 2.3.0 through 2.3.3
Vulnerability Description: Cyrus IMAP is an IMAP server developed and maintained by Carnegie Mellon University. A vulnerability has been identified in Cyrus IMAP in the processing of overly long USER commands. The vulnerability could be exploited by remote attackers to crash a vulnerable application or execute arbitrary commands.
Update/Patch Available: Upgrade to Cyrus IMAP Server version 2.3.4:
ftp://ftp.andrew.cmu.edu/pub/cyrus/cyrus-imapd-2.3.4.tar.gz
Vulnerability Details: The flaw is due to a buffer overflow error in the "popsubfolders" module [imap/pop3d.c] when processing an overly long argument passed to the "USER" command. Note that the affected imap/pop3d.c module is disabled by default.
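
The affected version range and the disabled-by-default note above translate into a quick exposure triage. The following is an added example, not Check Point or Cyrus project code. It assumes the feature is controlled by a `popsubfolders` line in imapd.conf using the usual boolean spellings, and the banner and configuration text are constructed samples.

```python
import re

AFFECTED_MIN, AFFECTED_MAX = (2, 3, 0), (2, 3, 3)  # range stated in the advisory
TRUE_VALUES = {"yes", "on", "t", "true", "1"}      # assumed imapd.conf boolean spellings

# Constructed sample inputs (not taken from a real host).
SAMPLE_BANNER = "+OK mail.example.test Cyrus POP3 v2.3.2 server ready"
SAMPLE_CONF = """\
# constructed imapd.conf fragment
configdirectory: /var/lib/imap
#popsubfolders: no
popsubfolders: yes
"""

def parse_version(text):
    """Extract the first x.y.z version from a banner or package string."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no version found in {text!r}")
    return tuple(int(part) for part in m.groups())

def popsubfolders_enabled(conf_text):
    """True if any uncommented popsubfolders line turns the option on.

    Deliberately conservative: a single enabling line flags the host for
    review, whatever other lines in the file say.
    """
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition(":")
        if sep and key.strip().lower() == "popsubfolders":
            if value.strip().lower() in TRUE_VALUES:
                return True
    return False  # advisory: the feature is disabled by default

def assess(version_text, conf_text):
    """Combine the version range and the option state into one verdict."""
    in_range = AFFECTED_MIN <= parse_version(version_text) <= AFFECTED_MAX
    if in_range and popsubfolders_enabled(conf_text):
        return "exposed: upgrade to 2.3.4"
    if in_range:
        return "affected version, popsubfolders off: upgrade to 2.3.4"
    return "not in affected range"

if __name__ == "__main__":
    print(assess(SAMPLE_BANNER, SAMPLE_CONF))
```

A host in the affected range with the option off is still reported, since the option can be switched on later without a version change.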

Protection Overview
