This host is running Cyrus IMAP Server and is prone to buffer overflow vulnerability.
Successful exploitation will allow attackers to crash an affected server or execute arbitrary code via a malicious SIEVE Script. Impact Level: Application
Apply patches or upgrade to the latest version, http://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sieve/script.c.diff?r1=1.67&r2=1.68 http://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sieve/script.c.diff?r1=1.62&r2=22.214.171.124&only_with_tag=cyrus-imapd-2_2-tail ***** NOTE: Ignore this warning if above mentioned patch is already applied. *****
The flaw is caused is due to error in the handling of 'SIEVE' Script, that fails to perform adequate boundary checks on user-supplied data.
Cyrus IMAP Server versions 2.3.14 and prior.
- VLC Media Player '.AVI' File BOF Vulnerability (Linux)
- VLC Media Player USF and Text Subtitles Decoders BOF Vulnerabilities (Linux)
- Terminal Server Client RDP File Processing BOF Vulnerabilities
- XnView Multiple Image Decompression Heap Overflow Vulnerabilities (Windows)
- Blue Coat K9 Web Protection Multiple Buffer Overflow Vulnerabilities