Search

Find a vulnerability

Search criteria

    20 vulnerabilities by carnegie_mellon_university

    CVE-2009-0688 (GCVE-0-2009-0688)

    Vulnerability from nvd – Published: 2009-05-15 15:00 – Updated: 2024-08-07 04:40
    VLAI
    Summary
    Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via strings that are used as input to the sasl_encode64 function in lib/saslutil.c.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/54515 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/35239 third-party-advisoryx_refsource_SECUNIA
    http://www.us-cert.gov/cas/techalerts/TA10-103B.html third-party-advisoryx_refsource_CERT
    http://secunia.com/advisories/35321 third-party-advisoryx_refsource_SECUNIA
    http://www.kb.cert.org/vuls/id/238019 third-party-advisoryx_refsource_CERT-VN
    http://secunia.com/advisories/35497 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/35102 third-party-advisoryx_refsource_SECUNIA
    http://slackware.com/security/viewer.php?l=slackw… vendor-advisoryx_refsource_SLACKWARE
    http://secunia.com/advisories/35746 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/39428 third-party-advisoryx_refsource_SECUNIA
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://secunia.com/advisories/35094 third-party-advisoryx_refsource_SECUNIA
    http://lists.apple.com/archives/security-announce… vendor-advisoryx_refsource_APPLE
    http://www.debian.org/security/2009/dsa-1807 vendor-advisoryx_refsource_DEBIAN
    http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0091 x_refsource_CONFIRM
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://secunia.com/advisories/35097 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2009/1313 vdb-entryx_refsource_VUPEN
    http://www.vupen.com/english/advisories/2009/2012 vdb-entryx_refsource_VUPEN
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://security.gentoo.org/glsa/glsa-200907-09.xml vendor-advisoryx_refsource_GENTOO
    http://support.apple.com/kb/HT4077 x_refsource_CONFIRM
    http://www.oracle.com/technetwork/topics/security… x_refsource_CONFIRM
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://secunia.com/advisories/35206 third-party-advisoryx_refsource_SECUNIA
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.redhat.com/support/errata/RHSA-2009-11… vendor-advisoryx_refsource_REDHAT
    http://www.securityfocus.com/bid/34961 vdb-entryx_refsource_BID
    http://secunia.com/advisories/35416 third-party-advisoryx_refsource_SECUNIA
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://osvdb.org/54514 vdb-entryx_refsource_OSVDB
    http://www.ubuntu.com/usn/usn-790-1 vendor-advisoryx_refsource_UBUNTU
    http://www.securitytracker.com/id?1022231 vdb-entryx_refsource_SECTRACK
    ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sas… x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2009-04-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T04:40:05.371Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "54515",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/54515"
              },
              {
                "name": "35239",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35239"
              },
              {
                "name": "TA10-103B",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/cas/techalerts/TA10-103B.html"
              },
              {
                "name": "35321",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35321"
              },
              {
                "name": "VU#238019",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/238019"
              },
              {
                "name": "35497",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35497"
              },
              {
                "name": "35102",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35102"
              },
              {
                "name": "SSA:2009-134-01",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SLACKWARE",
                  "x_transferred"
                ],
                "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.448834"
              },
              {
                "name": "35746",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35746"
              },
              {
                "name": "39428",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/39428"
              },
              {
                "name": "1020755",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020755.1-1"
              },
              {
                "name": "35094",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35094"
              },
              {
                "name": "APPLE-SA-2010-03-29-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_APPLE",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
              },
              {
                "name": "DSA-1807",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2009/dsa-1807"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0091"
              },
              {
                "name": "oval:org.mitre.oval:def:6136",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6136"
              },
              {
                "name": "35097",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35097"
              },
              {
                "name": "ADV-2009-1313",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/1313"
              },
              {
                "name": "ADV-2009-2012",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/2012"
              },
              {
                "name": "oval:org.mitre.oval:def:10687",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10687"
              },
              {
                "name": "SUSE-SR:2009:011",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html"
              },
              {
                "name": "1021699",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021699.1-1"
              },
              {
                "name": "GLSA-200907-09",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200907-09.xml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.apple.com/kb/HT4077"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-184.htm"
              },
              {
                "name": "264248",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-264248-1"
              },
              {
                "name": "35206",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35206"
              },
              {
                "name": "259148",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-259148-1"
              },
              {
                "name": "MDVSA-2009:113",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:113"
              },
              {
                "name": "RHSA-2009:1116",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2009-1116.html"
              },
              {
                "name": "34961",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/34961"
              },
              {
                "name": "35416",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35416"
              },
              {
                "name": "273910",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-273910-1"
              },
              {
                "name": "54514",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/54514"
              },
              {
                "name": "USN-790-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/usn-790-1"
              },
              {
                "name": "1022231",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1022231"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.23.tar.gz"
              },
              {
                "name": "solaris-sasl-saslencode64-bo(50554)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50554"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-04-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via strings that are used as input to the sasl_encode64 function in lib/saslutil.c."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "54515",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/54515"
            },
            {
              "name": "35239",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35239"
            },
            {
              "name": "TA10-103B",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA10-103B.html"
            },
            {
              "name": "35321",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35321"
            },
            {
              "name": "VU#238019",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/238019"
            },
            {
              "name": "35497",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35497"
            },
            {
              "name": "35102",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35102"
            },
            {
              "name": "SSA:2009-134-01",
              "tags": [
                "vendor-advisory",
                "x_refsource_SLACKWARE"
              ],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.448834"
            },
            {
              "name": "35746",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35746"
            },
            {
              "name": "39428",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/39428"
            },
            {
              "name": "1020755",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020755.1-1"
            },
            {
              "name": "35094",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35094"
            },
            {
              "name": "APPLE-SA-2010-03-29-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_APPLE"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
            },
            {
              "name": "DSA-1807",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2009/dsa-1807"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0091"
            },
            {
              "name": "oval:org.mitre.oval:def:6136",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6136"
            },
            {
              "name": "35097",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35097"
            },
            {
              "name": "ADV-2009-1313",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/1313"
            },
            {
              "name": "ADV-2009-2012",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/2012"
            },
            {
              "name": "oval:org.mitre.oval:def:10687",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10687"
            },
            {
              "name": "SUSE-SR:2009:011",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html"
            },
            {
              "name": "1021699",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021699.1-1"
            },
            {
              "name": "GLSA-200907-09",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200907-09.xml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.apple.com/kb/HT4077"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-184.htm"
            },
            {
              "name": "264248",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-264248-1"
            },
            {
              "name": "35206",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35206"
            },
            {
              "name": "259148",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-259148-1"
            },
            {
              "name": "MDVSA-2009:113",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:113"
            },
            {
              "name": "RHSA-2009:1116",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2009-1116.html"
            },
            {
              "name": "34961",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/34961"
            },
            {
              "name": "35416",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35416"
            },
            {
              "name": "273910",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-273910-1"
            },
            {
              "name": "54514",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/54514"
            },
            {
              "name": "USN-790-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/usn-790-1"
            },
            {
              "name": "1022231",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1022231"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.23.tar.gz"
            },
            {
              "name": "solaris-sasl-saslencode64-bo(50554)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50554"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2009-0688",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via strings that are used as input to the sasl_encode64 function in lib/saslutil.c."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "54515",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/54515"
                },
                {
                  "name": "35239",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35239"
                },
                {
                  "name": "TA10-103B",
                  "refsource": "CERT",
                  "url": "http://www.us-cert.gov/cas/techalerts/TA10-103B.html"
                },
                {
                  "name": "35321",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35321"
                },
                {
                  "name": "VU#238019",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/238019"
                },
                {
                  "name": "35497",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35497"
                },
                {
                  "name": "35102",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35102"
                },
                {
                  "name": "SSA:2009-134-01",
                  "refsource": "SLACKWARE",
                  "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.448834"
                },
                {
                  "name": "35746",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35746"
                },
                {
                  "name": "39428",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/39428"
                },
                {
                  "name": "1020755",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020755.1-1"
                },
                {
                  "name": "35094",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35094"
                },
                {
                  "name": "APPLE-SA-2010-03-29-1",
                  "refsource": "APPLE",
                  "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
                },
                {
                  "name": "DSA-1807",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2009/dsa-1807"
                },
                {
                  "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0091",
                  "refsource": "CONFIRM",
                  "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0091"
                },
                {
                  "name": "oval:org.mitre.oval:def:6136",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6136"
                },
                {
                  "name": "35097",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35097"
                },
                {
                  "name": "ADV-2009-1313",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/1313"
                },
                {
                  "name": "ADV-2009-2012",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/2012"
                },
                {
                  "name": "oval:org.mitre.oval:def:10687",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10687"
                },
                {
                  "name": "SUSE-SR:2009:011",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html"
                },
                {
                  "name": "1021699",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021699.1-1"
                },
                {
                  "name": "GLSA-200907-09",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200907-09.xml"
                },
                {
                  "name": "http://support.apple.com/kb/HT4077",
                  "refsource": "CONFIRM",
                  "url": "http://support.apple.com/kb/HT4077"
                },
                {
                  "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html"
                },
                {
                  "name": "http://support.avaya.com/elmodocs2/security/ASA-2009-184.htm",
                  "refsource": "CONFIRM",
                  "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-184.htm"
                },
                {
                  "name": "264248",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-264248-1"
                },
                {
                  "name": "35206",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35206"
                },
                {
                  "name": "259148",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-259148-1"
                },
                {
                  "name": "MDVSA-2009:113",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:113"
                },
                {
                  "name": "RHSA-2009:1116",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2009-1116.html"
                },
                {
                  "name": "34961",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/34961"
                },
                {
                  "name": "35416",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35416"
                },
                {
                  "name": "273910",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-273910-1"
                },
                {
                  "name": "54514",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/54514"
                },
                {
                  "name": "USN-790-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/usn-790-1"
                },
                {
                  "name": "1022231",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1022231"
                },
                {
                  "name": "ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.23.tar.gz",
                  "refsource": "CONFIRM",
                  "url": "ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.23.tar.gz"
                },
                {
                  "name": "solaris-sasl-saslencode64-bo(50554)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50554"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2009-0688",
        "datePublished": "2009-05-15T15:00:00.000Z",
        "dateReserved": "2009-02-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T04:40:05.371Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-0250 (GCVE-0-2006-0250)

    Vulnerability from nvd – Published: 2006-01-18 02:00 – Updated: 2024-08-07 16:25
    VLAI
    Summary
    Format string vulnerability in the snmp_input function in snmptrapd in CMU SNMP utilities (cmu-snmp) allows remote attackers to execute arbitrary code by sending crafted SNMP messages to UDP port 162.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/16267 vdb-entryx_refsource_BID
    http://www.osvdb.org/22493 vdb-entryx_refsource_OSVDB
    http://www.digitalarmaments.com/2006040164883273.html x_refsource_MISC
    http://secunia.com/advisories/18525 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/0234 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/422086/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2006-01-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:25:34.100Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "16267",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16267"
              },
              {
                "name": "22493",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/22493"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.digitalarmaments.com/2006040164883273.html"
              },
              {
                "name": "18525",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18525"
              },
              {
                "name": "ADV-2006-0234",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0234"
              },
              {
                "name": "cmusnmp-snmpinput-format-string(24178)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24178"
              },
              {
                "name": "20060116 Digital Armaments Security Advisory 01.16.2006: CMU SNMP utilities snmptrad Format String Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/422086/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-01-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Format string vulnerability in the snmp_input function in snmptrapd in CMU SNMP utilities (cmu-snmp) allows remote attackers to execute arbitrary code by sending crafted SNMP messages to UDP port 162."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "16267",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16267"
            },
            {
              "name": "22493",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/22493"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.digitalarmaments.com/2006040164883273.html"
            },
            {
              "name": "18525",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18525"
            },
            {
              "name": "ADV-2006-0234",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0234"
            },
            {
              "name": "cmusnmp-snmpinput-format-string(24178)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24178"
            },
            {
              "name": "20060116 Digital Armaments Security Advisory 01.16.2006: CMU SNMP utilities snmptrad Format String Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/422086/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-0250",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Format string vulnerability in the snmp_input function in snmptrapd in CMU SNMP utilities (cmu-snmp) allows remote attackers to execute arbitrary code by sending crafted SNMP messages to UDP port 162."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "16267",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16267"
                },
                {
                  "name": "22493",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/22493"
                },
                {
                  "name": "http://www.digitalarmaments.com/2006040164883273.html",
                  "refsource": "MISC",
                  "url": "http://www.digitalarmaments.com/2006040164883273.html"
                },
                {
                  "name": "18525",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18525"
                },
                {
                  "name": "ADV-2006-0234",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0234"
                },
                {
                  "name": "cmusnmp-snmpinput-format-string(24178)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24178"
                },
                {
                  "name": "20060116 Digital Armaments Security Advisory 01.16.2006: CMU SNMP utilities snmptrad Format String Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/422086/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-0250",
        "datePublished": "2006-01-18T02:00:00.000Z",
        "dateReserved": "2006-01-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:25:34.100Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1011 (GCVE-0-2004-1011)

    Vulnerability from nvd – Published: 2004-12-01 05:00 – Updated: 2024-08-08 00:39
    VLAI
    Summary
    Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2004-11-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:39:00.588Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://security.e-matters.de/advisories/152004.html"
              },
              {
                "name": "cyrus-imap-username-bo(18198)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18198"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
              },
              {
                "name": "MDKSA-2004:139",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
              },
              {
                "name": "20041122 Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
              },
              {
                "name": "[cyrus-announce] 20041122 Cyrus IMAPd 2.2.9 Released",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
              },
              {
                "name": "13274",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/13274/"
              },
              {
                "name": "GLSA-200411-34",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-11-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://security.e-matters.de/advisories/152004.html"
            },
            {
              "name": "cyrus-imap-username-bo(18198)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18198"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
            },
            {
              "name": "MDKSA-2004:139",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
            },
            {
              "name": "20041122 Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
            },
            {
              "name": "[cyrus-announce] 20041122 Cyrus IMAPd 2.2.9 Released",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
            },
            {
              "name": "13274",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/13274/"
            },
            {
              "name": "GLSA-200411-34",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1011",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://security.e-matters.de/advisories/152004.html",
                  "refsource": "MISC",
                  "url": "http://security.e-matters.de/advisories/152004.html"
                },
                {
                  "name": "cyrus-imap-username-bo(18198)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18198"
                },
                {
                  "name": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html",
                  "refsource": "CONFIRM",
                  "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
                },
                {
                  "name": "MDKSA-2004:139",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
                },
                {
                  "name": "20041122 Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
                },
                {
                  "name": "[cyrus-announce] 20041122 Cyrus IMAPd 2.2.9 Released",
                  "refsource": "MLIST",
                  "url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
                },
                {
                  "name": "13274",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/13274/"
                },
                {
                  "name": "GLSA-200411-34",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1011",
        "datePublished": "2004-12-01T05:00:00.000Z",
        "dateReserved": "2004-11-04T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:39:00.588Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1012 (GCVE-0-2004-1012)

    Vulnerability from nvd – Published: 2004-12-01 05:00 – Updated: 2024-08-08 00:39
    VLAI
    Summary
    The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.debian.org/security/2004/dsa-597 vendor-advisoryx_refsource_DEBIAN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://security.e-matters.de/advisories/152004.html x_refsource_MISC
    http://asg.web.cmu.edu/cyrus/download/imapd/chang… x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRAKE
    http://marc.info/?l=bugtraq&m=110123023521619&w=2 mailing-listx_refsource_BUGTRAQ
    http://asg.web.cmu.edu/archive/message.php?mailbo… mailing-listx_refsource_MLIST
    http://secunia.com/advisories/13274/ third-party-advisoryx_refsource_SECUNIA
    http://security.gentoo.org/glsa/glsa-200411-34.xml vendor-advisoryx_refsource_GENTOO
    https://www.ubuntu.com/usn/usn-31-1/ vendor-advisoryx_refsource_UBUNTU
    Date Public
    2004-11-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:39:00.882Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-597",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2004/dsa-597"
              },
              {
                "name": "cyrus-imap-commands-execute-code(18199)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18199"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://security.e-matters.de/advisories/152004.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
              },
              {
                "name": "MDKSA-2004:139",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
              },
              {
                "name": "20041122 Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
              },
              {
                "name": "[cyrus-announce] 20041122 Cyrus IMAPd 2.2.9 Released",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
              },
              {
                "name": "13274",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/13274/"
              },
              {
                "name": "GLSA-200411-34",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
              },
              {
                "name": "USN-31-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://www.ubuntu.com/usn/usn-31-1/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-11-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command (\"body[p\") that is treated as a different command (\"body.peek\") and causes an index increment error that leads to an out-of-bounds memory corruption."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "DSA-597",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2004/dsa-597"
            },
            {
              "name": "cyrus-imap-commands-execute-code(18199)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18199"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://security.e-matters.de/advisories/152004.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
            },
            {
              "name": "MDKSA-2004:139",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
            },
            {
              "name": "20041122 Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
            },
            {
              "name": "[cyrus-announce] 20041122 Cyrus IMAPd 2.2.9 Released",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
            },
            {
              "name": "13274",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/13274/"
            },
            {
              "name": "GLSA-200411-34",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
            },
            {
              "name": "USN-31-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://www.ubuntu.com/usn/usn-31-1/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1012",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command (\"body[p\") that is treated as a different command (\"body.peek\") and causes an index increment error that leads to an out-of-bounds memory corruption."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "DSA-597",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2004/dsa-597"
                },
                {
                  "name": "cyrus-imap-commands-execute-code(18199)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18199"
                },
                {
                  "name": "http://security.e-matters.de/advisories/152004.html",
                  "refsource": "MISC",
                  "url": "http://security.e-matters.de/advisories/152004.html"
                },
                {
                  "name": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html",
                  "refsource": "CONFIRM",
                  "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
                },
                {
                  "name": "MDKSA-2004:139",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
                },
                {
                  "name": "20041122 Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
                },
                {
                  "name": "[cyrus-announce] 20041122 Cyrus IMAPd 2.2.9 Released",
                  "refsource": "MLIST",
                  "url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
                },
                {
                  "name": "13274",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/13274/"
                },
                {
                  "name": "GLSA-200411-34",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
                },
                {
                  "name": "USN-31-1",
                  "refsource": "UBUNTU",
                  "url": "https://www.ubuntu.com/usn/usn-31-1/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1012",
        "datePublished": "2004-12-01T05:00:00.000Z",
        "dateReserved": "2004-11-04T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:39:00.882Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1067 (GCVE-0-2004-1067)

    Vulnerability from nvd – Published: 2004-12-10 05:00 – Updated: 2024-08-08 00:39
    VLAI
    Summary
    Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2004-12-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:39:00.545Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cyrus-mysaslcanonuser-offbyone-bo(18333)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18333"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
              },
              {
                "name": "11738",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/11738"
              },
              {
                "name": "USN-37-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://www.ubuntu.com/usn/usn-37-1/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-12-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "cyrus-mysaslcanonuser-offbyone-bo(18333)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18333"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
            },
            {
              "name": "11738",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/11738"
            },
            {
              "name": "USN-37-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://www.ubuntu.com/usn/usn-37-1/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1067",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "cyrus-mysaslcanonuser-offbyone-bo(18333)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18333"
                },
                {
                  "name": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html",
                  "refsource": "CONFIRM",
                  "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
                },
                {
                  "name": "11738",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/11738"
                },
                {
                  "name": "USN-37-1",
                  "refsource": "UBUNTU",
                  "url": "https://www.ubuntu.com/usn/usn-37-1/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1067",
        "datePublished": "2004-12-10T05:00:00.000Z",
        "dateReserved": "2004-11-29T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:39:00.545Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1013 (GCVE-0-2004-1013)

    Vulnerability from nvd – Published: 2004-12-01 05:00 – Updated: 2024-08-08 00:38
    VLAI
    Summary
    The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an index increment error that leads to an out-of-bounds memory corruption.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.debian.org/security/2004/dsa-597 vendor-advisoryx_refsource_DEBIAN
    http://security.e-matters.de/advisories/152004.html x_refsource_MISC
    http://asg.web.cmu.edu/cyrus/download/imapd/chang… x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRAKE
    http://marc.info/?l=bugtraq&m=110123023521619&w=2 mailing-listx_refsource_BUGTRAQ
    http://asg.web.cmu.edu/archive/message.php?mailbo… mailing-listx_refsource_MLIST
    http://secunia.com/advisories/13274/ third-party-advisoryx_refsource_SECUNIA
    http://security.gentoo.org/glsa/glsa-200411-34.xml vendor-advisoryx_refsource_GENTOO
    https://www.ubuntu.com/usn/usn-31-1/ vendor-advisoryx_refsource_UBUNTU
    Date Public
    2004-11-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:38:59.800Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-597",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2004/dsa-597"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://security.e-matters.de/advisories/152004.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
              },
              {
                "name": "MDKSA-2004:139",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
              },
              {
                "name": "20041122 Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
              },
              {
                "name": "[cyrus-announce] 20041122 Cyrus IMAPd 2.2.9 Released",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
              },
              {
                "name": "13274",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/13274/"
              },
              {
                "name": "GLSA-200411-34",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
              },
              {
                "name": "USN-31-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://www.ubuntu.com/usn/usn-31-1/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-11-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) \"body[p\", (2) \"binary[p\", or (3) \"binary[p\") that cause an index increment error that leads to an out-of-bounds memory corruption."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-12-06T21:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "DSA-597",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2004/dsa-597"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://security.e-matters.de/advisories/152004.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
            },
            {
              "name": "MDKSA-2004:139",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
            },
            {
              "name": "20041122 Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
            },
            {
              "name": "[cyrus-announce] 20041122 Cyrus IMAPd 2.2.9 Released",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
            },
            {
              "name": "13274",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/13274/"
            },
            {
              "name": "GLSA-200411-34",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
            },
            {
              "name": "USN-31-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://www.ubuntu.com/usn/usn-31-1/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1013",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) \"body[p\", (2) \"binary[p\", or (3) \"binary[p\") that cause an index increment error that leads to an out-of-bounds memory corruption."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "DSA-597",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2004/dsa-597"
                },
                {
                  "name": "http://security.e-matters.de/advisories/152004.html",
                  "refsource": "MISC",
                  "url": "http://security.e-matters.de/advisories/152004.html"
                },
                {
                  "name": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html",
                  "refsource": "CONFIRM",
                  "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
                },
                {
                  "name": "MDKSA-2004:139",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
                },
                {
                  "name": "20041122 Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
                },
                {
                  "name": "[cyrus-announce] 20041122 Cyrus IMAPd 2.2.9 Released",
                  "refsource": "MLIST",
                  "url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
                },
                {
                  "name": "13274",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/13274/"
                },
                {
                  "name": "GLSA-200411-34",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
                },
                {
                  "name": "USN-31-1",
                  "refsource": "UBUNTU",
                  "url": "https://www.ubuntu.com/usn/usn-31-1/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1013",
        "datePublished": "2004-12-01T05:00:00.000Z",
        "dateReserved": "2004-11-04T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:38:59.800Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1015 (GCVE-0-2004-1015)

    Vulnerability from nvd – Published: 2004-12-01 05:00 – Updated: 2024-08-08 00:39
    VLAI
    Summary
    Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2004-11-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:39:00.635Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cyrus-magic-plus-bo(18274)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18274"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
              },
              {
                "name": "MDKSA-2004:139",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
              },
              {
                "name": "[cyrus-announce] 20041123 Cyrus IMAPd 2.2.10 Released",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=145"
              },
              {
                "name": "GLSA-200411-34",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-11-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "cyrus-magic-plus-bo(18274)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18274"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
            },
            {
              "name": "MDKSA-2004:139",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
            },
            {
              "name": "[cyrus-announce] 20041123 Cyrus IMAPd 2.2.10 Released",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=145"
            },
            {
              "name": "GLSA-200411-34",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1015",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "cyrus-magic-plus-bo(18274)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18274"
                },
                {
                  "name": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html",
                  "refsource": "CONFIRM",
                  "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
                },
                {
                  "name": "MDKSA-2004:139",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
                },
                {
                  "name": "[cyrus-announce] 20041123 Cyrus IMAPd 2.2.10 Released",
                  "refsource": "MLIST",
                  "url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=145"
                },
                {
                  "name": "GLSA-200411-34",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1015",
        "datePublished": "2004-12-01T05:00:00.000Z",
        "dateReserved": "2004-11-04T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:39:00.635Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-1580 (GCVE-0-2002-1580)

    Vulnerability from nvd – Published: 2004-05-20 04:00 – Updated: 2024-08-08 03:26
    VLAI
    Summary
    Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://distro.conectiva.com/atualizacoes/?id=a&an… vendor-advisoryx_refsource_CONECTIVA
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://www.debian.org/security/2002/dsa-215 vendor-advisoryx_refsource_DEBIAN
    http://asg.web.cmu.edu/cyrus/download/imapd/chang… x_refsource_CONFIRM
    http://www.kb.cert.org/vuls/id/740169 third-party-advisoryx_refsource_CERT-VN
    http://www.securityfocus.com/bid/6298 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/301864 mailing-listx_refsource_BUGTRAQ
    Date Public
    2002-12-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:26:29.337Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "000557",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com/atualizacoes/?id=a\u0026anuncio=000557"
              },
              {
                "name": "CLA-2002:557",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000557"
              },
              {
                "name": "DSA-215",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2002/dsa-215"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
              },
              {
                "name": "VU#740169",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/740169"
              },
              {
                "name": "6298",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/6298"
              },
              {
                "name": "cyrus-imap-preauth-bo(10744)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10744"
              },
              {
                "name": "20021202 pre-login buffer overflow in Cyrus IMAP server",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/301864"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-12-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "000557",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com/atualizacoes/?id=a\u0026anuncio=000557"
            },
            {
              "name": "CLA-2002:557",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000557"
            },
            {
              "name": "DSA-215",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2002/dsa-215"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
            },
            {
              "name": "VU#740169",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/740169"
            },
            {
              "name": "6298",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/6298"
            },
            {
              "name": "cyrus-imap-preauth-bo(10744)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10744"
            },
            {
              "name": "20021202 pre-login buffer overflow in Cyrus IMAP server",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/301864"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-1580",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "000557",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com/atualizacoes/?id=a\u0026anuncio=000557"
                },
                {
                  "name": "CLA-2002:557",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000557"
                },
                {
                  "name": "DSA-215",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2002/dsa-215"
                },
                {
                  "name": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html",
                  "refsource": "CONFIRM",
                  "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
                },
                {
                  "name": "VU#740169",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/740169"
                },
                {
                  "name": "6298",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/6298"
                },
                {
                  "name": "cyrus-imap-preauth-bo(10744)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10744"
                },
                {
                  "name": "20021202 pre-login buffer overflow in Cyrus IMAP server",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/301864"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-1580",
        "datePublished": "2004-05-20T04:00:00.000Z",
        "dateReserved": "2004-05-13T00:00:00.000Z",
        "dateUpdated": "2024-08-08T03:26:29.337Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2001-1154 (GCVE-0-2001-1154)

    Vulnerability from nvd – Published: 2002-03-15 05:00 – Updated: 2024-08-08 04:44
    VLAI
    Summary
    Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, allows remote attackers to cause a denial of service (hang) using PHP IMAP clients.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/211056 mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/3260 vdb-entryx_refsource_BID
    Date Public
    2001-08-30 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T04:44:07.894Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cyrus-imap-php-dos(7053)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7053"
              },
              {
                "name": "20010830 Possible Denial of Service with PHP and Cyrus IMAP on BSDi 4.2",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/211056"
              },
              {
                "name": "3260",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/3260"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2001-08-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, allows remote attackers to cause a denial of service (hang) using PHP IMAP clients."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-12-18T21:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "cyrus-imap-php-dos(7053)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7053"
            },
            {
              "name": "20010830 Possible Denial of Service with PHP and Cyrus IMAP on BSDi 4.2",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/211056"
            },
            {
              "name": "3260",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/3260"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2001-1154",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, allows remote attackers to cause a denial of service (hang) using PHP IMAP clients."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "cyrus-imap-php-dos(7053)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7053"
                },
                {
                  "name": "20010830 Possible Denial of Service with PHP and Cyrus IMAP on BSDi 4.2",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/211056"
                },
                {
                  "name": "3260",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/3260"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2001-1154",
        "datePublished": "2002-03-15T05:00:00.000Z",
        "dateReserved": "2002-03-15T00:00:00.000Z",
        "dateUpdated": "2024-08-08T04:44:07.894Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2000-0956 (GCVE-0-2000-0956)

    Vulnerability from nvd – Published: 2001-01-22 05:00 – Updated: 2024-08-08 05:37
    VLAI
    Summary
    cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly verify the authorization for a local user, which could allow the users to bypass specified access restrictions.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.redhat.com/support/errata/RHSA-2000-094.html vendor-advisoryx_refsource_REDHAT
    http://www.securityfocus.com/bid/1875 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2000-10-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T05:37:31.992Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2000:094",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2000-094.html"
              },
              {
                "name": "1875",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/1875"
              },
              {
                "name": "cyrus-sasl-gain-access(5427)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5427"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2000-10-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly verify the authorization for a local user, which could allow the users to bypass specified access restrictions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2004-09-02T09:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "RHSA-2000:094",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2000-094.html"
            },
            {
              "name": "1875",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/1875"
            },
            {
              "name": "cyrus-sasl-gain-access(5427)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5427"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2000-0956",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly verify the authorization for a local user, which could allow the users to bypass specified access restrictions."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "RHSA-2000:094",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2000-094.html"
                },
                {
                  "name": "1875",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/1875"
                },
                {
                  "name": "cyrus-sasl-gain-access(5427)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5427"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2000-0956",
        "datePublished": "2001-01-22T05:00:00.000Z",
        "dateReserved": "2000-11-24T00:00:00.000Z",
        "dateUpdated": "2024-08-08T05:37:31.992Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-0688 (GCVE-0-2009-0688)

    Vulnerability from cvelistv5 – Published: 2009-05-15 15:00 – Updated: 2024-08-07 04:40
    VLAI
    Summary
    Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via strings that are used as input to the sasl_encode64 function in lib/saslutil.c.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/54515 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/35239 third-party-advisoryx_refsource_SECUNIA
    http://www.us-cert.gov/cas/techalerts/TA10-103B.html third-party-advisoryx_refsource_CERT
    http://secunia.com/advisories/35321 third-party-advisoryx_refsource_SECUNIA
    http://www.kb.cert.org/vuls/id/238019 third-party-advisoryx_refsource_CERT-VN
    http://secunia.com/advisories/35497 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/35102 third-party-advisoryx_refsource_SECUNIA
    http://slackware.com/security/viewer.php?l=slackw… vendor-advisoryx_refsource_SLACKWARE
    http://secunia.com/advisories/35746 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/39428 third-party-advisoryx_refsource_SECUNIA
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://secunia.com/advisories/35094 third-party-advisoryx_refsource_SECUNIA
    http://lists.apple.com/archives/security-announce… vendor-advisoryx_refsource_APPLE
    http://www.debian.org/security/2009/dsa-1807 vendor-advisoryx_refsource_DEBIAN
    http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0091 x_refsource_CONFIRM
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://secunia.com/advisories/35097 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2009/1313 vdb-entryx_refsource_VUPEN
    http://www.vupen.com/english/advisories/2009/2012 vdb-entryx_refsource_VUPEN
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://security.gentoo.org/glsa/glsa-200907-09.xml vendor-advisoryx_refsource_GENTOO
    http://support.apple.com/kb/HT4077 x_refsource_CONFIRM
    http://www.oracle.com/technetwork/topics/security… x_refsource_CONFIRM
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://secunia.com/advisories/35206 third-party-advisoryx_refsource_SECUNIA
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.redhat.com/support/errata/RHSA-2009-11… vendor-advisoryx_refsource_REDHAT
    http://www.securityfocus.com/bid/34961 vdb-entryx_refsource_BID
    http://secunia.com/advisories/35416 third-party-advisoryx_refsource_SECUNIA
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://osvdb.org/54514 vdb-entryx_refsource_OSVDB
    http://www.ubuntu.com/usn/usn-790-1 vendor-advisoryx_refsource_UBUNTU
    http://www.securitytracker.com/id?1022231 vdb-entryx_refsource_SECTRACK
    ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sas… x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2009-04-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T04:40:05.371Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "54515",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/54515"
              },
              {
                "name": "35239",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35239"
              },
              {
                "name": "TA10-103B",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/cas/techalerts/TA10-103B.html"
              },
              {
                "name": "35321",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35321"
              },
              {
                "name": "VU#238019",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/238019"
              },
              {
                "name": "35497",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35497"
              },
              {
                "name": "35102",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35102"
              },
              {
                "name": "SSA:2009-134-01",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SLACKWARE",
                  "x_transferred"
                ],
                "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.448834"
              },
              {
                "name": "35746",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35746"
              },
              {
                "name": "39428",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/39428"
              },
              {
                "name": "1020755",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020755.1-1"
              },
              {
                "name": "35094",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35094"
              },
              {
                "name": "APPLE-SA-2010-03-29-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_APPLE",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
              },
              {
                "name": "DSA-1807",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2009/dsa-1807"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0091"
              },
              {
                "name": "oval:org.mitre.oval:def:6136",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6136"
              },
              {
                "name": "35097",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35097"
              },
              {
                "name": "ADV-2009-1313",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/1313"
              },
              {
                "name": "ADV-2009-2012",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/2012"
              },
              {
                "name": "oval:org.mitre.oval:def:10687",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10687"
              },
              {
                "name": "SUSE-SR:2009:011",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html"
              },
              {
                "name": "1021699",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021699.1-1"
              },
              {
                "name": "GLSA-200907-09",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200907-09.xml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.apple.com/kb/HT4077"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-184.htm"
              },
              {
                "name": "264248",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-264248-1"
              },
              {
                "name": "35206",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35206"
              },
              {
                "name": "259148",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-259148-1"
              },
              {
                "name": "MDVSA-2009:113",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:113"
              },
              {
                "name": "RHSA-2009:1116",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2009-1116.html"
              },
              {
                "name": "34961",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/34961"
              },
              {
                "name": "35416",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35416"
              },
              {
                "name": "273910",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-273910-1"
              },
              {
                "name": "54514",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/54514"
              },
              {
                "name": "USN-790-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/usn-790-1"
              },
              {
                "name": "1022231",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1022231"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.23.tar.gz"
              },
              {
                "name": "solaris-sasl-saslencode64-bo(50554)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50554"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-04-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via strings that are used as input to the sasl_encode64 function in lib/saslutil.c."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "54515",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/54515"
            },
            {
              "name": "35239",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35239"
            },
            {
              "name": "TA10-103B",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA10-103B.html"
            },
            {
              "name": "35321",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35321"
            },
            {
              "name": "VU#238019",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/238019"
            },
            {
              "name": "35497",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35497"
            },
            {
              "name": "35102",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35102"
            },
            {
              "name": "SSA:2009-134-01",
              "tags": [
                "vendor-advisory",
                "x_refsource_SLACKWARE"
              ],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.448834"
            },
            {
              "name": "35746",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35746"
            },
            {
              "name": "39428",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/39428"
            },
            {
              "name": "1020755",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020755.1-1"
            },
            {
              "name": "35094",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35094"
            },
            {
              "name": "APPLE-SA-2010-03-29-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_APPLE"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
            },
            {
              "name": "DSA-1807",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2009/dsa-1807"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0091"
            },
            {
              "name": "oval:org.mitre.oval:def:6136",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6136"
            },
            {
              "name": "35097",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35097"
            },
            {
              "name": "ADV-2009-1313",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/1313"
            },
            {
              "name": "ADV-2009-2012",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/2012"
            },
            {
              "name": "oval:org.mitre.oval:def:10687",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10687"
            },
            {
              "name": "SUSE-SR:2009:011",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html"
            },
            {
              "name": "1021699",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021699.1-1"
            },
            {
              "name": "GLSA-200907-09",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200907-09.xml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.apple.com/kb/HT4077"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-184.htm"
            },
            {
              "name": "264248",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-264248-1"
            },
            {
              "name": "35206",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35206"
            },
            {
              "name": "259148",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-259148-1"
            },
            {
              "name": "MDVSA-2009:113",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:113"
            },
            {
              "name": "RHSA-2009:1116",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2009-1116.html"
            },
            {
              "name": "34961",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/34961"
            },
            {
              "name": "35416",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35416"
            },
            {
              "name": "273910",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-273910-1"
            },
            {
              "name": "54514",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/54514"
            },
            {
              "name": "USN-790-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/usn-790-1"
            },
            {
              "name": "1022231",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1022231"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.23.tar.gz"
            },
            {
              "name": "solaris-sasl-saslencode64-bo(50554)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50554"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2009-0688",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via strings that are used as input to the sasl_encode64 function in lib/saslutil.c."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "54515",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/54515"
                },
                {
                  "name": "35239",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35239"
                },
                {
                  "name": "TA10-103B",
                  "refsource": "CERT",
                  "url": "http://www.us-cert.gov/cas/techalerts/TA10-103B.html"
                },
                {
                  "name": "35321",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35321"
                },
                {
                  "name": "VU#238019",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/238019"
                },
                {
                  "name": "35497",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35497"
                },
                {
                  "name": "35102",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35102"
                },
                {
                  "name": "SSA:2009-134-01",
                  "refsource": "SLACKWARE",
                  "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.448834"
                },
                {
                  "name": "35746",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35746"
                },
                {
                  "name": "39428",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/39428"
                },
                {
                  "name": "1020755",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020755.1-1"
                },
                {
                  "name": "35094",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35094"
                },
                {
                  "name": "APPLE-SA-2010-03-29-1",
                  "refsource": "APPLE",
                  "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
                },
                {
                  "name": "DSA-1807",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2009/dsa-1807"
                },
                {
                  "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0091",
                  "refsource": "CONFIRM",
                  "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0091"
                },
                {
                  "name": "oval:org.mitre.oval:def:6136",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6136"
                },
                {
                  "name": "35097",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35097"
                },
                {
                  "name": "ADV-2009-1313",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/1313"
                },
                {
                  "name": "ADV-2009-2012",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/2012"
                },
                {
                  "name": "oval:org.mitre.oval:def:10687",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10687"
                },
                {
                  "name": "SUSE-SR:2009:011",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html"
                },
                {
                  "name": "1021699",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021699.1-1"
                },
                {
                  "name": "GLSA-200907-09",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200907-09.xml"
                },
                {
                  "name": "http://support.apple.com/kb/HT4077",
                  "refsource": "CONFIRM",
                  "url": "http://support.apple.com/kb/HT4077"
                },
                {
                  "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html"
                },
                {
                  "name": "http://support.avaya.com/elmodocs2/security/ASA-2009-184.htm",
                  "refsource": "CONFIRM",
                  "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-184.htm"
                },
                {
                  "name": "264248",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-264248-1"
                },
                {
                  "name": "35206",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35206"
                },
                {
                  "name": "259148",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-259148-1"
                },
                {
                  "name": "MDVSA-2009:113",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:113"
                },
                {
                  "name": "RHSA-2009:1116",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2009-1116.html"
                },
                {
                  "name": "34961",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/34961"
                },
                {
                  "name": "35416",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35416"
                },
                {
                  "name": "273910",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-273910-1"
                },
                {
                  "name": "54514",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/54514"
                },
                {
                  "name": "USN-790-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/usn-790-1"
                },
                {
                  "name": "1022231",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1022231"
                },
                {
                  "name": "ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.23.tar.gz",
                  "refsource": "CONFIRM",
                  "url": "ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.23.tar.gz"
                },
                {
                  "name": "solaris-sasl-saslencode64-bo(50554)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50554"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2009-0688",
        "datePublished": "2009-05-15T15:00:00.000Z",
        "dateReserved": "2009-02-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T04:40:05.371Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-0250 (GCVE-0-2006-0250)

    Vulnerability from cvelistv5 – Published: 2006-01-18 02:00 – Updated: 2024-08-07 16:25
    VLAI
    Summary
    Format string vulnerability in the snmp_input function in snmptrapd in CMU SNMP utilities (cmu-snmp) allows remote attackers to execute arbitrary code by sending crafted SNMP messages to UDP port 162.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/16267 vdb-entryx_refsource_BID
    http://www.osvdb.org/22493 vdb-entryx_refsource_OSVDB
    http://www.digitalarmaments.com/2006040164883273.html x_refsource_MISC
    http://secunia.com/advisories/18525 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/0234 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/422086/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2006-01-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:25:34.100Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "16267",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16267"
              },
              {
                "name": "22493",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/22493"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.digitalarmaments.com/2006040164883273.html"
              },
              {
                "name": "18525",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18525"
              },
              {
                "name": "ADV-2006-0234",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0234"
              },
              {
                "name": "cmusnmp-snmpinput-format-string(24178)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24178"
              },
              {
                "name": "20060116 Digital Armaments Security Advisory 01.16.2006: CMU SNMP utilities snmptrad Format String Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/422086/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-01-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Format string vulnerability in the snmp_input function in snmptrapd in CMU SNMP utilities (cmu-snmp) allows remote attackers to execute arbitrary code by sending crafted SNMP messages to UDP port 162."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "16267",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16267"
            },
            {
              "name": "22493",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/22493"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.digitalarmaments.com/2006040164883273.html"
            },
            {
              "name": "18525",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18525"
            },
            {
              "name": "ADV-2006-0234",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0234"
            },
            {
              "name": "cmusnmp-snmpinput-format-string(24178)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24178"
            },
            {
              "name": "20060116 Digital Armaments Security Advisory 01.16.2006: CMU SNMP utilities snmptrad Format String Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/422086/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-0250",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Format string vulnerability in the snmp_input function in snmptrapd in CMU SNMP utilities (cmu-snmp) allows remote attackers to execute arbitrary code by sending crafted SNMP messages to UDP port 162."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "16267",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16267"
                },
                {
                  "name": "22493",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/22493"
                },
                {
                  "name": "http://www.digitalarmaments.com/2006040164883273.html",
                  "refsource": "MISC",
                  "url": "http://www.digitalarmaments.com/2006040164883273.html"
                },
                {
                  "name": "18525",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18525"
                },
                {
                  "name": "ADV-2006-0234",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0234"
                },
                {
                  "name": "cmusnmp-snmpinput-format-string(24178)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24178"
                },
                {
                  "name": "20060116 Digital Armaments Security Advisory 01.16.2006: CMU SNMP utilities snmptrad Format String Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/422086/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-0250",
        "datePublished": "2006-01-18T02:00:00.000Z",
        "dateReserved": "2006-01-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:25:34.100Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1067 (GCVE-0-2004-1067)

    Vulnerability from cvelistv5 – Published: 2004-12-10 05:00 – Updated: 2024-08-08 00:39
    VLAI
    Summary
    Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2004-12-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:39:00.545Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cyrus-mysaslcanonuser-offbyone-bo(18333)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18333"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
              },
              {
                "name": "11738",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/11738"
              },
              {
                "name": "USN-37-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://www.ubuntu.com/usn/usn-37-1/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-12-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "cyrus-mysaslcanonuser-offbyone-bo(18333)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18333"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
            },
            {
              "name": "11738",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/11738"
            },
            {
              "name": "USN-37-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://www.ubuntu.com/usn/usn-37-1/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1067",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "cyrus-mysaslcanonuser-offbyone-bo(18333)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18333"
                },
                {
                  "name": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html",
                  "refsource": "CONFIRM",
                  "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
                },
                {
                  "name": "11738",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/11738"
                },
                {
                  "name": "USN-37-1",
                  "refsource": "UBUNTU",
                  "url": "https://www.ubuntu.com/usn/usn-37-1/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1067",
        "datePublished": "2004-12-10T05:00:00.000Z",
        "dateReserved": "2004-11-29T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:39:00.545Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1011 (GCVE-0-2004-1011)

    Vulnerability from cvelistv5 – Published: 2004-12-01 05:00 – Updated: 2024-08-08 00:39
    VLAI
    Summary
    Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2004-11-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:39:00.588Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://security.e-matters.de/advisories/152004.html"
              },
              {
                "name": "cyrus-imap-username-bo(18198)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18198"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
              },
              {
                "name": "MDKSA-2004:139",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
              },
              {
                "name": "20041122 Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
              },
              {
                "name": "[cyrus-announce] 20041122 Cyrus IMAPd 2.2.9 Released",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
              },
              {
                "name": "13274",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/13274/"
              },
              {
                "name": "GLSA-200411-34",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-11-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://security.e-matters.de/advisories/152004.html"
            },
            {
              "name": "cyrus-imap-username-bo(18198)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18198"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
            },
            {
              "name": "MDKSA-2004:139",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
            },
            {
              "name": "20041122 Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
            },
            {
              "name": "[cyrus-announce] 20041122 Cyrus IMAPd 2.2.9 Released",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
            },
            {
              "name": "13274",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/13274/"
            },
            {
              "name": "GLSA-200411-34",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1011",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://security.e-matters.de/advisories/152004.html",
                  "refsource": "MISC",
                  "url": "http://security.e-matters.de/advisories/152004.html"
                },
                {
                  "name": "cyrus-imap-username-bo(18198)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18198"
                },
                {
                  "name": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html",
                  "refsource": "CONFIRM",
                  "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
                },
                {
                  "name": "MDKSA-2004:139",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
                },
                {
                  "name": "20041122 Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
                },
                {
                  "name": "[cyrus-announce] 20041122 Cyrus IMAPd 2.2.9 Released",
                  "refsource": "MLIST",
                  "url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
                },
                {
                  "name": "13274",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/13274/"
                },
                {
                  "name": "GLSA-200411-34",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1011",
        "datePublished": "2004-12-01T05:00:00.000Z",
        "dateReserved": "2004-11-04T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:39:00.588Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1012 (GCVE-0-2004-1012)

    Vulnerability from cvelistv5 – Published: 2004-12-01 05:00 – Updated: 2024-08-08 00:39
    VLAI
    Summary
    The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.debian.org/security/2004/dsa-597 vendor-advisoryx_refsource_DEBIAN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://security.e-matters.de/advisories/152004.html x_refsource_MISC
    http://asg.web.cmu.edu/cyrus/download/imapd/chang… x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRAKE
    http://marc.info/?l=bugtraq&m=110123023521619&w=2 mailing-listx_refsource_BUGTRAQ
    http://asg.web.cmu.edu/archive/message.php?mailbo… mailing-listx_refsource_MLIST
    http://secunia.com/advisories/13274/ third-party-advisoryx_refsource_SECUNIA
    http://security.gentoo.org/glsa/glsa-200411-34.xml vendor-advisoryx_refsource_GENTOO
    https://www.ubuntu.com/usn/usn-31-1/ vendor-advisoryx_refsource_UBUNTU
    Date Public
    2004-11-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:39:00.882Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-597",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2004/dsa-597"
              },
              {
                "name": "cyrus-imap-commands-execute-code(18199)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18199"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://security.e-matters.de/advisories/152004.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
              },
              {
                "name": "MDKSA-2004:139",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
              },
              {
                "name": "20041122 Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
              },
              {
                "name": "[cyrus-announce] 20041122 Cyrus IMAPd 2.2.9 Released",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
              },
              {
                "name": "13274",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/13274/"
              },
              {
                "name": "GLSA-200411-34",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
              },
              {
                "name": "USN-31-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://www.ubuntu.com/usn/usn-31-1/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-11-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command (\"body[p\") that is treated as a different command (\"body.peek\") and causes an index increment error that leads to an out-of-bounds memory corruption."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "DSA-597",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2004/dsa-597"
            },
            {
              "name": "cyrus-imap-commands-execute-code(18199)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18199"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://security.e-matters.de/advisories/152004.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
            },
            {
              "name": "MDKSA-2004:139",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
            },
            {
              "name": "20041122 Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
            },
            {
              "name": "[cyrus-announce] 20041122 Cyrus IMAPd 2.2.9 Released",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
            },
            {
              "name": "13274",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/13274/"
            },
            {
              "name": "GLSA-200411-34",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
            },
            {
              "name": "USN-31-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://www.ubuntu.com/usn/usn-31-1/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1012",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command (\"body[p\") that is treated as a different command (\"body.peek\") and causes an index increment error that leads to an out-of-bounds memory corruption."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "DSA-597",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2004/dsa-597"
                },
                {
                  "name": "cyrus-imap-commands-execute-code(18199)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18199"
                },
                {
                  "name": "http://security.e-matters.de/advisories/152004.html",
                  "refsource": "MISC",
                  "url": "http://security.e-matters.de/advisories/152004.html"
                },
                {
                  "name": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html",
                  "refsource": "CONFIRM",
                  "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
                },
                {
                  "name": "MDKSA-2004:139",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
                },
                {
                  "name": "20041122 Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
                },
                {
                  "name": "[cyrus-announce] 20041122 Cyrus IMAPd 2.2.9 Released",
                  "refsource": "MLIST",
                  "url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
                },
                {
                  "name": "13274",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/13274/"
                },
                {
                  "name": "GLSA-200411-34",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
                },
                {
                  "name": "USN-31-1",
                  "refsource": "UBUNTU",
                  "url": "https://www.ubuntu.com/usn/usn-31-1/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1012",
        "datePublished": "2004-12-01T05:00:00.000Z",
        "dateReserved": "2004-11-04T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:39:00.882Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1013 (GCVE-0-2004-1013)

    Vulnerability from cvelistv5 – Published: 2004-12-01 05:00 – Updated: 2024-08-08 00:38
    VLAI
    Summary
    The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an index increment error that leads to an out-of-bounds memory corruption.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.debian.org/security/2004/dsa-597 vendor-advisoryx_refsource_DEBIAN
    http://security.e-matters.de/advisories/152004.html x_refsource_MISC
    http://asg.web.cmu.edu/cyrus/download/imapd/chang… x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRAKE
    http://marc.info/?l=bugtraq&m=110123023521619&w=2 mailing-listx_refsource_BUGTRAQ
    http://asg.web.cmu.edu/archive/message.php?mailbo… mailing-listx_refsource_MLIST
    http://secunia.com/advisories/13274/ third-party-advisoryx_refsource_SECUNIA
    http://security.gentoo.org/glsa/glsa-200411-34.xml vendor-advisoryx_refsource_GENTOO
    https://www.ubuntu.com/usn/usn-31-1/ vendor-advisoryx_refsource_UBUNTU
    Date Public
    2004-11-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:38:59.800Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-597",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2004/dsa-597"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://security.e-matters.de/advisories/152004.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
              },
              {
                "name": "MDKSA-2004:139",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
              },
              {
                "name": "20041122 Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
              },
              {
                "name": "[cyrus-announce] 20041122 Cyrus IMAPd 2.2.9 Released",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
              },
              {
                "name": "13274",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/13274/"
              },
              {
                "name": "GLSA-200411-34",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
              },
              {
                "name": "USN-31-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://www.ubuntu.com/usn/usn-31-1/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-11-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) \"body[p\", (2) \"binary[p\", or (3) \"binary[p\") that cause an index increment error that leads to an out-of-bounds memory corruption."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-12-06T21:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "DSA-597",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2004/dsa-597"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://security.e-matters.de/advisories/152004.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
            },
            {
              "name": "MDKSA-2004:139",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
            },
            {
              "name": "20041122 Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
            },
            {
              "name": "[cyrus-announce] 20041122 Cyrus IMAPd 2.2.9 Released",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
            },
            {
              "name": "13274",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/13274/"
            },
            {
              "name": "GLSA-200411-34",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
            },
            {
              "name": "USN-31-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://www.ubuntu.com/usn/usn-31-1/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1013",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) \"body[p\", (2) \"binary[p\", or (3) \"binary[p\") that cause an index increment error that leads to an out-of-bounds memory corruption."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "DSA-597",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2004/dsa-597"
                },
                {
                  "name": "http://security.e-matters.de/advisories/152004.html",
                  "refsource": "MISC",
                  "url": "http://security.e-matters.de/advisories/152004.html"
                },
                {
                  "name": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html",
                  "refsource": "CONFIRM",
                  "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
                },
                {
                  "name": "MDKSA-2004:139",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
                },
                {
                  "name": "20041122 Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
                },
                {
                  "name": "[cyrus-announce] 20041122 Cyrus IMAPd 2.2.9 Released",
                  "refsource": "MLIST",
                  "url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
                },
                {
                  "name": "13274",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/13274/"
                },
                {
                  "name": "GLSA-200411-34",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
                },
                {
                  "name": "USN-31-1",
                  "refsource": "UBUNTU",
                  "url": "https://www.ubuntu.com/usn/usn-31-1/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1013",
        "datePublished": "2004-12-01T05:00:00.000Z",
        "dateReserved": "2004-11-04T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:38:59.800Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1015 (GCVE-0-2004-1015)

    Vulnerability from cvelistv5 – Published: 2004-12-01 05:00 – Updated: 2024-08-08 00:39
    VLAI
    Summary
    Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2004-11-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:39:00.635Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cyrus-magic-plus-bo(18274)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18274"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
              },
              {
                "name": "MDKSA-2004:139",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
              },
              {
                "name": "[cyrus-announce] 20041123 Cyrus IMAPd 2.2.10 Released",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=145"
              },
              {
                "name": "GLSA-200411-34",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-11-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "cyrus-magic-plus-bo(18274)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18274"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
            },
            {
              "name": "MDKSA-2004:139",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
            },
            {
              "name": "[cyrus-announce] 20041123 Cyrus IMAPd 2.2.10 Released",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=145"
            },
            {
              "name": "GLSA-200411-34",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1015",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "cyrus-magic-plus-bo(18274)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18274"
                },
                {
                  "name": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html",
                  "refsource": "CONFIRM",
                  "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
                },
                {
                  "name": "MDKSA-2004:139",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
                },
                {
                  "name": "[cyrus-announce] 20041123 Cyrus IMAPd 2.2.10 Released",
                  "refsource": "MLIST",
                  "url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=145"
                },
                {
                  "name": "GLSA-200411-34",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1015",
        "datePublished": "2004-12-01T05:00:00.000Z",
        "dateReserved": "2004-11-04T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:39:00.635Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-1580 (GCVE-0-2002-1580)

    Vulnerability from cvelistv5 – Published: 2004-05-20 04:00 – Updated: 2024-08-08 03:26
    VLAI
    Summary
    Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://distro.conectiva.com/atualizacoes/?id=a&an… vendor-advisoryx_refsource_CONECTIVA
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://www.debian.org/security/2002/dsa-215 vendor-advisoryx_refsource_DEBIAN
    http://asg.web.cmu.edu/cyrus/download/imapd/chang… x_refsource_CONFIRM
    http://www.kb.cert.org/vuls/id/740169 third-party-advisoryx_refsource_CERT-VN
    http://www.securityfocus.com/bid/6298 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/301864 mailing-listx_refsource_BUGTRAQ
    Date Public
    2002-12-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:26:29.337Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "000557",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com/atualizacoes/?id=a\u0026anuncio=000557"
              },
              {
                "name": "CLA-2002:557",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000557"
              },
              {
                "name": "DSA-215",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2002/dsa-215"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
              },
              {
                "name": "VU#740169",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/740169"
              },
              {
                "name": "6298",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/6298"
              },
              {
                "name": "cyrus-imap-preauth-bo(10744)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10744"
              },
              {
                "name": "20021202 pre-login buffer overflow in Cyrus IMAP server",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/301864"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-12-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "000557",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com/atualizacoes/?id=a\u0026anuncio=000557"
            },
            {
              "name": "CLA-2002:557",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000557"
            },
            {
              "name": "DSA-215",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2002/dsa-215"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
            },
            {
              "name": "VU#740169",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/740169"
            },
            {
              "name": "6298",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/6298"
            },
            {
              "name": "cyrus-imap-preauth-bo(10744)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10744"
            },
            {
              "name": "20021202 pre-login buffer overflow in Cyrus IMAP server",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/301864"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-1580",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "000557",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com/atualizacoes/?id=a\u0026anuncio=000557"
                },
                {
                  "name": "CLA-2002:557",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000557"
                },
                {
                  "name": "DSA-215",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2002/dsa-215"
                },
                {
                  "name": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html",
                  "refsource": "CONFIRM",
                  "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
                },
                {
                  "name": "VU#740169",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/740169"
                },
                {
                  "name": "6298",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/6298"
                },
                {
                  "name": "cyrus-imap-preauth-bo(10744)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10744"
                },
                {
                  "name": "20021202 pre-login buffer overflow in Cyrus IMAP server",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/301864"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-1580",
        "datePublished": "2004-05-20T04:00:00.000Z",
        "dateReserved": "2004-05-13T00:00:00.000Z",
        "dateUpdated": "2024-08-08T03:26:29.337Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2001-1154 (GCVE-0-2001-1154)

    Vulnerability from cvelistv5 – Published: 2002-03-15 05:00 – Updated: 2024-08-08 04:44
    VLAI
    Summary
    Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, allows remote attackers to cause a denial of service (hang) using PHP IMAP clients.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/211056 mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/3260 vdb-entryx_refsource_BID
    Date Public
    2001-08-30 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T04:44:07.894Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cyrus-imap-php-dos(7053)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7053"
              },
              {
                "name": "20010830 Possible Denial of Service with PHP and Cyrus IMAP on BSDi 4.2",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/211056"
              },
              {
                "name": "3260",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/3260"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2001-08-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, allows remote attackers to cause a denial of service (hang) using PHP IMAP clients."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-12-18T21:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "cyrus-imap-php-dos(7053)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7053"
            },
            {
              "name": "20010830 Possible Denial of Service with PHP and Cyrus IMAP on BSDi 4.2",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/211056"
            },
            {
              "name": "3260",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/3260"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2001-1154",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, allows remote attackers to cause a denial of service (hang) using PHP IMAP clients."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "cyrus-imap-php-dos(7053)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7053"
                },
                {
                  "name": "20010830 Possible Denial of Service with PHP and Cyrus IMAP on BSDi 4.2",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/211056"
                },
                {
                  "name": "3260",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/3260"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2001-1154",
        "datePublished": "2002-03-15T05:00:00.000Z",
        "dateReserved": "2002-03-15T00:00:00.000Z",
        "dateUpdated": "2024-08-08T04:44:07.894Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2000-0956 (GCVE-0-2000-0956)

    Vulnerability from cvelistv5 – Published: 2001-01-22 05:00 – Updated: 2024-08-08 05:37
    VLAI
    Summary
    cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly verify the authorization for a local user, which could allow the users to bypass specified access restrictions.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.redhat.com/support/errata/RHSA-2000-094.html vendor-advisoryx_refsource_REDHAT
    http://www.securityfocus.com/bid/1875 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2000-10-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T05:37:31.992Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2000:094",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2000-094.html"
              },
              {
                "name": "1875",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/1875"
              },
              {
                "name": "cyrus-sasl-gain-access(5427)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5427"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2000-10-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly verify the authorization for a local user, which could allow the users to bypass specified access restrictions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2004-09-02T09:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "RHSA-2000:094",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2000-094.html"
            },
            {
              "name": "1875",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/1875"
            },
            {
              "name": "cyrus-sasl-gain-access(5427)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5427"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2000-0956",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly verify the authorization for a local user, which could allow the users to bypass specified access restrictions."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "RHSA-2000:094",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2000-094.html"
                },
                {
                  "name": "1875",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/1875"
                },
                {
                  "name": "cyrus-sasl-gain-access(5427)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5427"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2000-0956",
        "datePublished": "2001-01-22T05:00:00.000Z",
        "dateReserved": "2000-11-24T00:00:00.000Z",
        "dateUpdated": "2024-08-08T05:37:31.992Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }