Vulnerabilities > CVE-2004-1013
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an index increment error that leads to an out-of-bounds memory corruption.
Vulnerable Configurations
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2004-487.NASL description Fix several buffer overflow problems that could be used as an exploit. Fixes the following security advisories: CVE-2004-1011 CVE-2004-1012 CVE-2004-1013 CVE-2004-1015 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 15895 published 2004-12-02 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/15895 title Fedora Core 3 : cyrus-imapd-2.2.10-1.fc3 (2004-487) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2004-487. # include("compat.inc"); if (description) { script_id(15895); script_version ("1.15"); script_cvs_date("Date: 2019/08/02 13:32:23"); script_xref(name:"FEDORA", value:"2004-487"); script_name(english:"Fedora Core 3 : cyrus-imapd-2.2.10-1.fc3 (2004-487)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora Core host is missing a security update." ); script_set_attribute( attribute:"description", value: "Fix several buffer overflow problems that could be used as an exploit. Fixes the following security advisories: CVE-2004-1011 CVE-2004-1012 CVE-2004-1013 CVE-2004-1015 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); # https://lists.fedoraproject.org/pipermail/announce/2004-December/000462.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?4d5096c6" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_attribute(attribute:"risk_factor", value:"High"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:cyrus-imapd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:cyrus-imapd-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:cyrus-imapd-murder"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:cyrus-imapd-nntp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:cyrus-imapd-utils"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:perl-Cyrus"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora_core:3"); script_set_attribute(attribute:"patch_publication_date", value:"2004/12/01"); script_set_attribute(attribute:"plugin_publication_date", value:"2004/12/02"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^3([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 3.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC3", reference:"cyrus-imapd-2.2.10-1.fc3")) flag++; if (rpm_check(release:"FC3", reference:"cyrus-imapd-devel-2.2.10-1.fc3")) flag++; if (rpm_check(release:"FC3", reference:"cyrus-imapd-murder-2.2.10-1.fc3")) flag++; if (rpm_check(release:"FC3", reference:"cyrus-imapd-nntp-2.2.10-1.fc3")) flag++; if (rpm_check(release:"FC3", reference:"cyrus-imapd-utils-2.2.10-1.fc3")) flag++; if (rpm_check(release:"FC3", reference:"perl-Cyrus-2.2.10-1.fc3")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "cyrus-imapd / cyrus-imapd-devel / cyrus-imapd-murder / etc"); }
NASL family SuSE Local Security Checks NASL id SUSE_SA_2004_043.NASL description The remote host is missing the patch for the advisory SUSE-SA:2004:043 (cyrus-imapd). Stefan Esser reported various bugs within the Cyrus IMAP Server. These include buffer overflows and out-of-bounds memory access which could allow remote attackers to execute arbitrary commands as root. The bugs occur in the pre-authentication phase, therefore an update is strongly recommended. last seen 2020-06-01 modified 2020-06-02 plugin id 15923 published 2004-12-07 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/15923 title SUSE-SA:2004:043: cyrus-imapd code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # This plugin text was extracted from SuSE Security Advisory SUSE-SA:2004:043 # if ( ! defined_func("bn_random") ) exit(0); include("compat.inc"); if(description) { script_id(15923); script_version ("1.10"); script_cve_id("CVE-2004-1011", "CVE-2004-1012", "CVE-2004-1013"); name["english"] = "SUSE-SA:2004:043: cyrus-imapd"; script_name(english:name["english"]); script_set_attribute(attribute:"synopsis", value: "The remote host is missing a vendor-supplied security patch" ); script_set_attribute(attribute:"description", value: "The remote host is missing the patch for the advisory SUSE-SA:2004:043 (cyrus-imapd). Stefan Esser reported various bugs within the Cyrus IMAP Server. These include buffer overflows and out-of-bounds memory access which could allow remote attackers to execute arbitrary commands as root. The bugs occur in the pre-authentication phase, therefore an update is strongly recommended." ); script_set_attribute(attribute:"solution", value: "http://www.suse.de/security/2004_43_cyrus_imapd.html" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"plugin_publication_date", value: "2004/12/07"); script_cvs_date("Date: 2019/10/25 13:36:28"); script_end_attributes(); summary["english"] = "Check for the version of the cyrus-imapd package"; script_summary(english:summary["english"]); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc."); family["english"] = "SuSE Local Security Checks"; script_family(english:family["english"]); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/SuSE/rpm-list"); exit(0); } include("rpm.inc"); if ( rpm_check( reference:"cyrus-imapd-2.1.16-56", release:"SUSE8.1") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"cyrus-imapd-2.1.12-75", release:"SUSE8.2") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"cyrus-imapd-2.1.15-89", release:"SUSE9.0") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"cyrus-imapd-2.2.3-83.19", release:"SUSE9.1") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"cyrus-imapd-2.2.8-6.3", release:"SUSE9.2") ) { security_hole(0); exit(0); } if (rpm_exists(rpm:"cyrus-imapd-", release:"SUSE8.1") || rpm_exists(rpm:"cyrus-imapd-", release:"SUSE8.2") || rpm_exists(rpm:"cyrus-imapd-", release:"SUSE9.0") || rpm_exists(rpm:"cyrus-imapd-", release:"SUSE9.1") || rpm_exists(rpm:"cyrus-imapd-", release:"SUSE9.2") ) { set_kb_item(name:"CVE-2004-1011", value:TRUE); set_kb_item(name:"CVE-2004-1012", value:TRUE); set_kb_item(name:"CVE-2004-1013", value:TRUE); }
NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-31-1.NASL description Stefan Esser discovered several buffer overflows in the Cyrus IMAP server. Due to insufficient checking within the argument parser of the last seen 2020-06-01 modified 2020-06-02 plugin id 20647 published 2006-01-15 reporter Ubuntu Security Notice (C) 2004-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/20647 title Ubuntu 4.10 : cyrus21-imapd vulnerabilities (USN-31-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-31-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(20647); script_version("1.14"); script_cvs_date("Date: 2019/08/02 13:32:59"); script_cve_id("CVE-2004-1012", "CVE-2004-1013"); script_xref(name:"USN", value:"31-1"); script_name(english:"Ubuntu 4.10 : cyrus21-imapd vulnerabilities (USN-31-1)"); script_summary(english:"Checks dpkg output for updated packages."); script_set_attribute( attribute:"synopsis", value: "The remote Ubuntu host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "Stefan Esser discovered several buffer overflows in the Cyrus IMAP server. Due to insufficient checking within the argument parser of the 'partial' and 'fetch' commands, an argument like 'body[p' was detected as 'body.peek'. This could cause a buffer overflow which could be exploited to execute arbitrary attacker-supplied code. This update also fixes an exploitable buffer overflow that could be triggered in situations when memory allocation fails (i. e. when no free memory is available any more). Both vulnerabilities can lead to privilege escalation to root. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:cyrus21-admin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:cyrus21-clients"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:cyrus21-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:cyrus21-dev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:cyrus21-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:cyrus21-imapd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:cyrus21-murder"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:cyrus21-pop3d"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libcyrus-imap-perl21"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:4.10"); script_set_attribute(attribute:"patch_publication_date", value:"2004/11/23"); script_set_attribute(attribute:"plugin_publication_date", value:"2006/01/15"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2004-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! ereg(pattern:"^(4\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 4.10", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"4.10", pkgname:"cyrus21-admin", pkgver:"2.1.16-6ubuntu0.1")) flag++; if (ubuntu_check(osver:"4.10", pkgname:"cyrus21-clients", pkgver:"2.1.16-6ubuntu0.1")) flag++; if (ubuntu_check(osver:"4.10", pkgname:"cyrus21-common", pkgver:"2.1.16-6ubuntu0.1")) flag++; if (ubuntu_check(osver:"4.10", pkgname:"cyrus21-dev", pkgver:"2.1.16-6ubuntu0.1")) flag++; if (ubuntu_check(osver:"4.10", pkgname:"cyrus21-doc", pkgver:"2.1.16-6ubuntu0.1")) flag++; if (ubuntu_check(osver:"4.10", pkgname:"cyrus21-imapd", pkgver:"2.1.16-6ubuntu0.1")) flag++; if (ubuntu_check(osver:"4.10", pkgname:"cyrus21-murder", pkgver:"2.1.16-6ubuntu0.1")) flag++; if (ubuntu_check(osver:"4.10", pkgname:"cyrus21-pop3d", pkgver:"2.1.16-6ubuntu0.1")) flag++; if (ubuntu_check(osver:"4.10", pkgname:"libcyrus-imap-perl21", pkgver:"2.1.16-6ubuntu0.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "cyrus21-admin / cyrus21-clients / cyrus21-common / cyrus21-dev / etc"); }
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-597.NASL description Stefan Esser discovered several security related problems in the Cyrus IMAP daemon. Due to a bug in the command parser it is possible to access memory beyond the allocated buffer in two places which could lead to the execution of arbitrary code. last seen 2020-06-01 modified 2020-06-02 plugin id 15830 published 2004-11-25 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/15830 title Debian DSA-597-1 : cyrus-imapd - buffer overflow code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-597. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(15830); script_version("1.18"); script_cvs_date("Date: 2019/08/02 13:32:18"); script_cve_id("CVE-2004-1012", "CVE-2004-1013"); script_xref(name:"DSA", value:"597"); script_name(english:"Debian DSA-597-1 : cyrus-imapd - buffer overflow"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Stefan Esser discovered several security related problems in the Cyrus IMAP daemon. Due to a bug in the command parser it is possible to access memory beyond the allocated buffer in two places which could lead to the execution of arbitrary code." ); script_set_attribute( attribute:"see_also", value:"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=282681" ); script_set_attribute( attribute:"see_also", value:"http://www.debian.org/security/2004/dsa-597" ); script_set_attribute( attribute:"solution", value: "Upgrade the cyrus-imapd package immediately. For the stable distribution (woody) these problems have been fixed in version 1.5.19-9.2" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:cyrus-imapd"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:3.0"); script_set_attribute(attribute:"patch_publication_date", value:"2004/11/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2004/11/25"); script_set_attribute(attribute:"vuln_publication_date", value:"2004/11/22"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"3.0", prefix:"cyrus-admin", reference:"1.5.19-9.2")) flag++; if (deb_check(release:"3.0", prefix:"cyrus-common", reference:"1.5.19-9.2")) flag++; if (deb_check(release:"3.0", prefix:"cyrus-dev", reference:"1.5.19-9.2")) flag++; if (deb_check(release:"3.0", prefix:"cyrus-imapd", reference:"1.5.19-9.2")) flag++; if (deb_check(release:"3.0", prefix:"cyrus-nntp", reference:"1.5.19-9.2")) flag++; if (deb_check(release:"3.0", prefix:"cyrus-pop3d", reference:"1.5.19-9.2")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2004-139.NASL description A number of vulnerabilities in the Cyrus-IMAP server were found by Stefan Esser. Due to insufficient checking within the argument parser of the last seen 2020-06-01 modified 2020-06-02 plugin id 15836 published 2004-11-26 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/15836 title Mandrake Linux Security Advisory : cyrus-imapd (MDKSA-2004:139) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200411-34.NASL description The remote host is affected by the vulnerability described in GLSA-200411-34 (Cyrus IMAP Server: Multiple remote vulnerabilities) Multiple vulnerabilities have been discovered in the argument parsers of the last seen 2020-06-01 modified 2020-06-02 plugin id 15833 published 2004-11-25 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/15833 title GLSA-200411-34 : Cyrus IMAP Server: Multiple remote vulnerabilities NASL family Fedora Local Security Checks NASL id FEDORA_2004-489.NASL description Fix several buffer overflow problems that could be used as an exploit. Fixes the following security advisories: CVE-2004-1011 CVE-2004-1012 CVE-2004-1013 CVE-2004-1015 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 15896 published 2004-12-02 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/15896 title Fedora Core 2 : cyrus-imapd-2.2.10-1.fc2 (2004-489) NASL family Gain a shell remotely NASL id CYRUS_IMAP_MULTIPLE_OVERFLOW.NASL description According to its banner, the remote Cyrus IMAPD server is vulnerable to one pre-authentication buffer overflow, as well as three post- authentication buffer overflows. A remote attacker could exploit these issues to crash the server, or possibly execute arbitrary code. last seen 2020-06-01 modified 2020-06-02 plugin id 15819 published 2004-11-23 reporter This script is Copyright (C) 2004-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/15819 title Cyrus IMAP Server < 2.2.10 Multiple Remote Overflows NASL family MacOS X Local Security Checks NASL id MACOSX_SECUPD2005-003.NASL description The remote host is missing Security Update 2005-003. This security update contains security fixes for the following applications : - AFP Server - Bluetooth Setup Assistant - Core Foundation - Cyrus IMAP - Cyrus SASL - Folder Permissions - Mailman - Safari These programs have multiple vulnerabilities which may allow a remote attacker to execute arbitrary code. last seen 2020-06-01 modified 2020-06-02 plugin id 17587 published 2005-03-21 reporter This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/17587 title Mac OS X Multiple Vulnerabilities (Security Update 2005-003) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_C0A269D53D1611D98818008088034841.NASL description The argument parser of the fetch command suffers a bug very similiar to the partial command problem. Arguments like last seen 2020-06-01 modified 2020-06-02 plugin id 19109 published 2005-07-13 reporter This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/19109 title FreeBSD : Cyrus IMAPd -- FETCH command out of bounds memory corruption (c0a269d5-3d16-11d9-8818-008088034841)
References
- http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce&msg=143
- http://asg.web.cmu.edu/cyrus/download/imapd/changes.html
- http://marc.info/?l=bugtraq&m=110123023521619&w=2
- http://secunia.com/advisories/13274/
- http://security.e-matters.de/advisories/152004.html
- http://security.gentoo.org/glsa/glsa-200411-34.xml
- http://www.debian.org/security/2004/dsa-597
- http://www.mandriva.com/security/advisories?name=MDKSA-2004:139
- https://www.ubuntu.com/usn/usn-31-1/