Cyrus IMAPD Multiple Remote Buffer Overflow Vulnerabilities
Cyrus IMAPD is reported susceptible to multiple remote vulnerabilities. These vulnerabilities include multiple buffer-overflow issues that may allow remote attackers to execute machine code in the context of the server process. This may lead to unauthorized access or privilege escalation.
The following specific issues were identified:
- Multiple one-byte buffer-overflow vulnerabilities affecting the IMAP annotate extension (the mailbox handling code) and the routines that handle cached headers.
- Multiple stack-based overflow vulnerabilities affecting fetchnews, backend, and imapd.
Cyrus IMAPD 2.0.11 and prior versions are affected by these issues.
Due to a lack of details, further information is not available at the moment. This BID will be updated when more information becomes available.