FreeBSD Ports: Cyrus Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Solution

Update your system with the appropriate patches or software upgrades. http://marc.theaimsgroup.com/?l=bugtraq&m=103886607825605 http://asg.web.cmu.edu/archive/message.php?mailbox=archive.info-cyrus&msg=19349 http://www.vuxml.org/freebsd/35f6fdf8-a425-11d8-9c6d-0020ed76ef5a.html

Insight

The following package is affected: cyrus CVE-2002-1580 Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347.

Severity

Classification

CVE CVE-2002-1580
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

FreeBSD Ports: apache
FreeBSD Ports: apache+mod_ssl
FreeBSD Ports: chromium
FreeBSD Ports: chromium
FreeBSD Ports: cacti

FreeBSD Ports: cyrus

Take action and discover your vulnerabilities