Download
| Alert*
|
oval:org.secpod.oval:def:300830
A vulnerability has been found and corrected in cyrus-imapd: Buffer overflow in the SIEVE script component in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14 allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect us ... oval:org.secpod.oval:def:300861 A vulnerability has been found and corrected in cyrus-imapd: Buffer overflow in the SIEVE script component in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14 allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect us ... oval:org.mitre.oval:def:8390 It was discovered that the SIEVE component of dovecot, a mail server that supports mbox and maildir mailboxes, is vulnerable to a buffer overflow when processing SIEVE scripts. This can be used to elevate privileges to the dovecot system user. An attacker who is able to install SIEVE scripts execute ... oval:org.secpod.oval:def:101915 Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats. The SQL drivers and authentication plugins are in their subpackages. oval:org.secpod.oval:def:3879 The host is installed with Apple Mac OS X and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle a maliciously crafted sieve script. Successful exploitation could allow attackers to obtain the privileges of the Cyrus user. oval:org.secpod.oval:def:202794 The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and Sieve support. Multiple buffer overflow flaws were found in the Cyrus IMAP Sieve implementation. An authenticated user able to create Sieve mail filtering rules could use these flaws to execute arbitrary code ... oval:org.secpod.oval:def:202144 The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and Sieve support. Multiple buffer overflow flaws were found in the Cyrus IMAP Sieve implementation. An authenticated user able to create Sieve mail filtering rules could use these flaws to execute arbitrary code ... oval:org.mitre.oval:def:7226 It was discovered that the SIEVE component of cyrus-imapd, a highly scalable enterprise mail system, is vulnerable to a buffer overflow when processing SIEVE scripts. Due to incorrect use of the sizeof() operator an attacker is able to pass a negative length to snprintf() calls resulting in large po ... oval:org.secpod.oval:def:202032 The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and Sieve support. Multiple buffer overflow flaws were found in the Cyrus IMAP Sieve implementation. An authenticated user able to create Sieve mail filtering rules could use these flaws to execute arbitrary code ... oval:org.secpod.oval:def:202720 The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and Sieve support. Multiple buffer overflow flaws were found in the Cyrus IMAP Sieve implementation. An authenticated user able to create Sieve mail filtering rules could use these flaws to execute arbitrary code ... oval:org.secpod.oval:def:600280 It was discovered that the SIEVE component of cyrus-imapd, a highly scalable enterprise mail system, is vulnerable to a buffer overflow when processing SIEVE scripts. Due to incorrect use of the sizeof operator an attacker is able to pass a negative length to snprintf calls resulting in large positi ... oval:org.secpod.oval:def:500529 The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and Sieve support. Multiple buffer overflow flaws were found in the Cyrus IMAP Sieve implementation. An authenticated user able to create Sieve mail filtering rules could use these flaws to execute arbitrary code ... oval:org.mitre.oval:def:7879 It was discovered that the SIEVE component of cyrus-imapd and kolab-cyrus-imapd, the Cyrus mail system, is vulnerable to a buffer overflow when processing SIEVE scripts. This can be used to elevate privileges to the cyrus system user. An attacker who is able to install SIEVE scripts executed by the ... oval:org.secpod.oval:def:700425 It was discovered that the ACL plugin in Dovecot would incorrectly handle negative access rights. An attacker could exploit this flaw to access the Dovecot server, bypassing the indended access restrictions. This only affected Ubuntu 8.04 LTS. It was discovered that the ManageSieve service in Dovec ... oval:org.secpod.oval:def:3869 The host is missing an important security update according to Apple advisory, APPLE-SA-2010-03-29-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly sanitize user supplied input. Successful exploitation could allow attackers t ... |
