search menu icon-carat-right cmu-wordmark

CERT Coordination Center

Cyrus IMAPd buffer overflow vulnerability

Vulnerability Note VU#336053

Original Release Date: 2009-09-09 | Last Revised: 2009-09-11

Overview

The Cyrus IMAP server contains a vulnerability that may allow an authenticated attacker to execute code.

Description

The Cyrus IMAP mail server supports the SIEVE mail filtering language. Cyrus IMAP versions 2.2 through 2.3.14 contain a buffer overflow vulnerability that may be triggered by a specially crafted SIEVE script. To install this type of script, the attacker would need to have direct access to a mail account on the server.

Impact

An attacker with the ability to install SIEVE scripts may be able to gain elevated privileges and use the new permissions to execute code, read other user's mail, or send spoofed email messages.

Solution

Update

The Cyrus IMAP team has released an update to address this issue. See http://lists.andrew.cmu.edu/pipermail/cyrus-announce/2009-September/000068.html for more information.


Disable SIEVE

Administrators who compile Cyrus IMAP from source can use the --disable-sieve option to mitigate this issue.

Vendor Information

336053
 

View all 40 vendors View less vendors


CVSS Metrics

Group Score Vector
Base
Temporal
Environmental

References

Acknowledgements

Thanks to the Cyrus IMAP development team and Bron Gondwana for information that was used in this report.

This document was written by Ryan Giobbi.

Other Information

CVE IDs: CVE-2009-2632
Severity Metric: 0.56
Date Public: 2009-09-07
Date First Published: 2009-09-09
Date Last Updated: 2009-09-11 13:15 UTC
Document Revision: 18

Sponsored by CISA.