This host is running Cyrus IMAP Server and is prone to buffer overflow vulnerability.
Successful exploitation will allow attackers to crash an affected server or execute arbitrary code via a malicious SIEVE Script. Impact Level: Application
Apply patches or upgrade to the latest version, http://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sieve/script.c.diff?r1=1.67&r2=1.68 http://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sieve/script.c.diff?r1=1.62&r2=22.214.171.124&only_with_tag=cyrus-imapd-2_2-tail ***** NOTE: Ignore this warning if above mentioned patch is already applied. *****
The flaw is caused is due to error in the handling of 'SIEVE' Script, that fails to perform adequate boundary checks on user-supplied data.
Cyrus IMAP Server versions 2.3.14 and prior.
- VLC Media Player USF and Text Subtitles Decoders BOF Vulnerabilities (Linux)
- Blue Coat K9 Web Protection Multiple Buffer Overflow Vulnerabilities
- KMPlayer '.mp3' File Remote Buffer Overflow Vulnerability
- Simple Web Server Connection Header Buffer Overflow Vulnerability
- VLC Media Player 'MP4_ReadBox_skcr()' Buffer Overflow Vulnerability (Linux)