The Cyrus IMAP server contains a vulnerability that may allow an authenticated attacker to execute code.
The Cyrus IMAP mail server supports the SIEVE mail filtering language. Cyrus IMAP versions 2.2 through 2.3.14 contain a buffer overflow vulnerability that may be triggered by a specially crafted SIEVE script. To install this type of script, the attacker would need to have direct access to a mail account on the server.
An attacker with the ability to install SIEVE scripts may be able to gain elevated privileges and use the new permissions to execute code, read other user's mail, or send spoofed email messages.
The Cyrus IMAP team has released an update to address this issue. See http://lists.andrew.cmu.edu/pipermail/cyrus-announce/2009-September/000068.html for more information.
Debian GNU/Linux Affected
SUSE Linux Affected
The SCO Group Affected
Slackware Linux Inc. Not Affected
Sun Microsystems, Inc. Not Affected
Apple Inc. Unknown
Conectiva Inc. Unknown
Cray Inc. Unknown
DragonFly BSD Project Unknown
EMC Corporation Unknown
Engarde Secure Linux Unknown
F5 Networks, Inc. Unknown
Fedora Project Unknown
FreeBSD, Inc. Unknown
Gentoo Linux Unknown
Hewlett-Packard Company Unknown
IBM Corporation Unknown
IBM eServer Unknown
Juniper Networks, Inc. Unknown
Mandriva S. A. Unknown
Microsoft Corporation Unknown
MontaVista Software, Inc. Unknown
NEC Corporation Unknown
Novell, Inc. Unknown
Openwall GNU/*/Linux Unknown
QNX Software Systems Inc. Unknown
Red Hat, Inc. Unknown
Silicon Graphics, Inc. Unknown
Sony Corporation Unknown
Wind River Systems, Inc. Unknown
Thanks to the Cyrus IMAP development team and Bron Gondwana for information that was used in this report.
This document was written by Ryan Giobbi.
|Date First Published:||2009-09-09|
|Date Last Updated:||2009-09-11 13:15 UTC|