VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Carnegie Mellon University
>
Cyrus Imap Server
> 2.1.7
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2005-01-10
CVE-2004-1067
Remote Unspecified vulnerability in Cyrus IMAPD
Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username.
network
low complexity
carnegie-mellon-university
redhat
ubuntu
critical
10.0
10
2005-01-10
CVE-2004-1015
Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011.
network
low complexity
carnegie-mellon-university
redhat
ubuntu
critical
10.0
10
2005-01-10
CVE-2004-1013
The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an index increment error that leads to an out-of-bounds memory corruption.
network
low complexity
carnegie-mellon-university
openpkg
conectiva
redhat
trustix
ubuntu
critical
10.0
10
2005-01-10
CVE-2004-1012
The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption.
network
low complexity
carnegie-mellon-university
openpkg
conectiva
redhat
trustix
ubuntu
critical
10.0
10
2005-01-10
CVE-2004-1011
Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015.
network
low complexity
carnegie-mellon-university
openpkg
conectiva
redhat
trustix
ubuntu
critical
10.0
10