exploits , vulnerabilities , articles , Cyrus IMAPD Multiple Remote Vulnerabilities

Title	Cyrus IMAPD Multiple Remote Vulnerabilities
Published	2004-11-23-12:00AM
Updated	2005-03-30-03:15PM
Class	Boundary Condition Error
CVE	CAN-2004-1011 CAN-2004-1012 CAN-2004-1013
Remote	Yes
Local	No
Credit	Stefan Esser <s.esser@ematters.de> disclosed these vulnerabilities.
Vulnerable	Ubuntu Ubuntu Linux 4.1 ppc Ubuntu Ubuntu Linux 4.1 ia64 Ubuntu Ubuntu Linux 4.1 ia32 Trustix Secure Linux 2.2 Trustix Secure Linux 2.1 Trustix Secure Linux 2.0 Trustix Secure Enterprise Linux 2.0 RedHat Fedora Core3 RedHat Fedora Core2 OpenPKG OpenPKG Current Conectiva Linux 10.0 Conectiva Linux 9.0 Carnegie Mellon University Cyrus IMAP Server 2.2.8 MandrakeSoft Linux Mandrake 10.1 MandrakeSoft Linux Mandrake 10.1 x86_64 Carnegie Mellon University Cyrus IMAP Server 2.2.7 Carnegie Mellon University Cyrus IMAP Server 2.2.6 Carnegie Mellon University Cyrus IMAP Server 2.2.5 Carnegie Mellon University Cyrus IMAP Server 2.2.4 Carnegie Mellon University Cyrus IMAP Server 2.2.3 Carnegie Mellon University Cyrus IMAP Server 2.2.2 BETA Carnegie Mellon University Cyrus IMAP Server 2.2.1 BETA Carnegie Mellon University Cyrus IMAP Server 2.2 .0 ALPHA Carnegie Mellon University Cyrus IMAP Server 2.1.16 MandrakeSoft Linux Mandrake 10.0 MandrakeSoft Linux Mandrake 10.0 amd64 Ubuntu Ubuntu Linux 4.1 ia32 Ubuntu Ubuntu Linux 4.1 ia64 Ubuntu Ubuntu Linux 4.1 ppc Carnegie Mellon University Cyrus IMAP Server 2.1.10 Carnegie Mellon University Cyrus IMAP Server 2.1.9 S.u.S.E. Linux 8.1 Carnegie Mellon University Cyrus IMAP Server 2.1.7 Apple Mac OS X Server 10.3.8 Apple Mac OS X Server 10.3.7 Apple Mac OS X Server 10.3.6 Apple Mac OS X Server 10.3.5 Apple Mac OS X Server 10.3.4 Apple Mac OS X Server 10.3.3 Apple Mac OS X Server 10.3.2 Apple Mac OS X Server 10.3.1 Apple Mac OS X Server 10.3 Apple Mac OS X Server 10.2.8 Apple Mac OS X Server 10.2.7 Apple Mac OS X Server 10.2.6 Apple Mac OS X Server 10.2.5 Apple Mac OS X Server 10.2.4 Apple Mac OS X Server 10.2.3 Apple Mac OS X Server 10.2.2 Apple Mac OS X Server 10.2.1 Apple Mac OS X Server 10.2 Apple Mac OS X Server 10.1.5 Apple Mac OS X Server 10.1.4 Apple Mac OS X Server 10.1.3 Apple Mac OS X Server 10.1.2 Apple Mac OS X Server 10.1.1 Apple Mac OS X Server 10.1 Apple Mac OS X Server 10.0
Not Vulnerable	Carnegie Mellon University Cyrus IMAP Server 2.2.10 Conectiva Linux 10.0 RedHat Fedora Core2 RedHat Fedora Core3 Trustix Secure Enterprise Linux 2.0 Trustix Secure Linux 2.0 Trustix Secure Linux 2.1 Trustix Secure Linux 2.2 Carnegie Mellon University Cyrus IMAP Server 2.2.9 Carnegie Mellon University Cyrus IMAP Server 2.1.17 Conectiva Linux 9.0
Code	CORE has developed a working commercial exploit for their IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild. crash-x/unl0ck have released exploit code (unrealmagic.c) for the vulnerability affecting 'IMAPMAGICPLUS' support (CAN-2004-1011). /data/vulnerabilities/exploits/unrealmagic.c
TXT

Vulnerabilities - newest 10 RSS | More

2009-12-18 Family Connections Multiple Input Validation Vulnerabilities
2009-12-18 Drupal Contact and Menu Modules Multiple HTML Injection Vulnerabilities
2009-12-18 Mozilla Firefox and SeaMonkey NTLM Credential Reflection Authentication Bypass Vulnerability
2009-12-18 Mozilla Firefox CVE-2009-3982 JavaScript Engine Multiple Remote Memory Corruption Vulnerabilities
2009-12-17 Zen Cart Insecure File and Programs Information Disclosure and Database Deletion Vulnerability
2009-12-17 Winamp Module Decoder Plugin Multiple Buffer Overflow Vulnerabilities
2009-12-17 Winamp JPEG and PNG Multiple Integer Overflow Vulnerabilities
2009-12-17 HP OpenView Storage Data Protector Stack Buffer Overflow Vulnerability
2009-12-17 IBM WebSphere Application Server Feature Pack for CEA Spoofing Vulnerability
2009-12-17 Digital Scribe Cross Site Scripting and SQL Injection Vulnerabilities