The Cyrus IMAP server contains a vulnerability that may allow an authenticated attacker to execute code.
The Cyrus IMAP mail server supports the SIEVE mail filtering language. Cyrus IMAP versions 2.2 through 2.3.14 contain a buffer overflow vulnerability that may be triggered by a specially crafted SIEVE script. To install this type of script, the attacker would need to have direct access to a mail account on the server.
An attacker with the ability to install SIEVE scripts may be able to gain elevated privileges and use the new permissions to execute code, read other user's mail, or send spoofed email messages.
The Cyrus IMAP team has released an update to address this issue. See http://lists.andrew.cmu.edu/pipermail/cyrus-announce/2009-September/000068.html for more information.
Thanks to the Cyrus IMAP development team and Bron Gondwana for information that was used in this report.
This document was written by Ryan Giobbi.
|Date First Published:||2009-09-09|
|Date Last Updated:||2009-09-11 13:15 UTC|