Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2502

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2006-2502
Last Modified 07 Mar 2011 09:36:19
Published 22 May 2006 12:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-2502

Summary

Stack-based buffer overflow in pop3d in Cyrus IMAPD (cyrus-imapd) 2.3.2, when the popsubfolders option is enabled, allows remote attackers to execute arbitrary code via a long USER command.

Vulnerable Systems

Application

  • Cyrus Imapd 2.3.2


References

VUPEN - ADV-2006-1891

BID - 18056

FULLDISC - 20060521 Cyrus IMAPD pop3d remote compromise aka cyrusFUCK3d

XF - cyrus-imap-pop3d-bo(26578)

SECTRACK - 1016131


Last Updated: 27 May 2016 10:42:30