Release DateJan 19, 2012 |
Severityhigh |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attack attempt against a Buffer Overflow vulnerability in Cyrus IMAPD.The vulnerability is caused by an error when the vulnerable software handles a malicious USER Command. It allows a remote attacker to execute arbitrary code via sending a crafted POP3 USER Command. |
Affected ProductsCyrus IMAP Server 2.3.2 |
Recommended ActionsUpgrade to the latest version, available from the website.http://www.cyrusimap.org/ |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2006-2502 |
Reference/shttp://www.securityfocus.com/bid/18056 (BugTraq)http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0527.html |
