Vulnerability Note VU#336053
Cyrus IMAPd buffer overflow vulnerability
The Cyrus IMAP server contains a vulnerability that may allow an authenticated attacker to execute code.
The Cyrus IMAP mail server supports the SIEVE mail filtering language. Cyrus IMAP versions 2.2 through 2.3.14 contain a buffer overflow vulnerability that may be triggered by a specially crafted SIEVE script. To install this type of script, the attacker would need to have direct access to a mail account on the server.
An attacker with the ability to install SIEVE scripts may be able to gain elevated privileges and use the new permissions to execute code, read other user's mail, or send spoofed email messages.
The Cyrus IMAP team has released an update to address this issue. See http://lists.andrew.cmu.edu/pipermail/cyrus-announce/2009-September/000068.html for more information.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Debian GNU/Linux||Affected||04 Sep 2009||10 Sep 2009|
|SUSE Linux||Affected||04 Sep 2009||10 Sep 2009|
|The SCO Group||Affected||04 Sep 2009||08 Sep 2009|
|Slackware Linux Inc.||Not Affected||04 Sep 2009||11 Sep 2009|
|Sun Microsystems, Inc.||Not Affected||04 Sep 2009||10 Sep 2009|
|Apple Inc.||Unknown||04 Sep 2009||05 Sep 2009|
|Conectiva Inc.||Unknown||04 Sep 2009||05 Sep 2009|
|Cray Inc.||Unknown||04 Sep 2009||05 Sep 2009|
|DragonFly BSD Project||Unknown||04 Sep 2009||05 Sep 2009|
|EMC Corporation||Unknown||04 Sep 2009||05 Sep 2009|
|Engarde Secure Linux||Unknown||04 Sep 2009||05 Sep 2009|
|F5 Networks, Inc.||Unknown||04 Sep 2009||05 Sep 2009|
|Fedora Project||Unknown||04 Sep 2009||05 Sep 2009|
|FreeBSD, Inc.||Unknown||04 Sep 2009||05 Sep 2009|
|Fujitsu||Unknown||04 Sep 2009||05 Sep 2009|
CVSS Metrics (Learn More)
Thanks to the Cyrus IMAP development team and Bron Gondwana for information that was used in this report.
This document was written by Ryan Giobbi.
- CVE IDs: CVE-2009-2632
- Date Public: 07 Sep 2009
- Date First Published: 09 Sep 2009
- Date Last Updated: 11 Sep 2009
- Severity Metric: 0.56
- Document Revision: 18
If you have feedback, comments, or additional information about this vulnerability, please send us email.