CVE-2005-0546

NONE EPSS 89.8%
Published May 2, 2005 (21y ago) · Last Modified Jun 16, 2026 (2w ago)

Description

Multiple buffer overflows in Cyrus IMAPd before 2.2.11 may allow attackers to execute arbitrary code via (1) an off-by-one error in the imapd annotate extension, (2) an off-by-one error in "cached header handling," (3) a stack-based buffer overflow in fetchnews, or (4) a stack-based buffer overflow in imapd.

Threat Intelligence

EPSS Exploit Probability
89.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 5

Vendor  Product  Version  Range
cyrus   imapd    2.0.17   any
cyrus   imapd    2.1.16   any
cyrus   imapd    2.1.17   any
cyrus   imapd    2.1.18   any
cyrus   imapd    2.2.10   any

References 12

  • asg.web.cmu.edu http://asg.web.cmu.edu/archive/message.php?mailbox=archive.info-cyrus&msg=33723
    Patch
  • bugs.gentoo.org http://bugs.gentoo.org/show_bug.cgi?id=82404
  • distro.conectiva.com.br http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000937
    Vendor Advisory
  • marc.info http://marc.info/?l=bugtraq&m=110972236203397&w=2
  • secunia.com http://secunia.com/advisories/14383
    Patch, Vendor Advisory
  • security.gentoo.org http://security.gentoo.org/glsa/glsa-200502-29.xml
    Patch, Vendor Advisory
  • securitytracker.com http://securitytracker.com/id?1013278
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2005:051
  • redhat.com http://www.redhat.com/support/errata/RHSA-2005-408.html
  • securityfocus.com http://www.securityfocus.com/archive/1/430294/100/0/threaded
  • securityfocus.com http://www.securityfocus.com/bid/12636
  • oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10674

Remediation

  • asg.web.cmu.edu http://asg.web.cmu.edu/archive/message.php?mailbox=archive.info-cyrus&msg=33723
    Patch
  • secunia.com http://secunia.com/advisories/14383
    Patch, Vendor Advisory
  • security.gentoo.org http://security.gentoo.org/glsa/glsa-200502-29.xml
    Patch, Vendor Advisory