ID de Prueba:	1.3.6.1.4.1.25623.1.0.11196
Categoría:	Gain a shell remotely
Título:	Cyrus IMAP pre-login buffer overflow
Resumen:	According to its banner, the remote Cyrus IMAP; server is vulnerable to a pre-login buffer overrun.
Descripción:	Summary: According to its banner, the remote Cyrus IMAP server is vulnerable to a pre-login buffer overrun. Vulnerability Impact: An attacker without a valid login could exploit this, and would be able to execute arbitrary commands as the owner of the Cyrus process. This would allow full access to all users' mailboxes. Solution: If possible, upgrade to an unaffected version. However, at the time of writing no official fix was available. There is a source patch against 2.1.10 in the referenced Bugtraq report. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2002-1580 BugTraq ID: 6298 http://www.securityfocus.com/bid/6298 Bugtraq: 20021202 pre-login buffer overflow in Cyrus IMAP server (Google Search) http://www.securityfocus.com/archive/1/301864 CERT/CC vulnerability note: VU#740169 http://www.kb.cert.org/vuls/id/740169 Conectiva Linux advisory: 000557 http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000557 Conectiva Linux advisory: CLA-2002:557 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000557 Debian Security Information: DSA-215 (Google Search) http://www.debian.org/security/2002/dsa-215 XForce ISS Database: cyrus-imap-preauth-bo(10744) https://exchange.xforce.ibmcloud.com/vulnerabilities/10744
Copyright	Copyright (C) 2002 Paul Johnston, Westpoint Ltd

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.