|
|
Family: Gain root remotely --> Category: infos
cyrus-imsp abook_dbname buffer overflow Vulnerability Scan
Vulnerability Scan Summary
cyrus-imsp abook_dbname buffer overflow
Detailed Explanation for this Vulnerability Test
The remote host is running a version of cyrus-imsp (Internet Message Support
Protocol) which has a buffer overflow bug.
A possible hacker could exploit this bug to execute arbitrary code on this system
with the rights of the root user.
The overflow occurs when the user issues a too long argument as his name,
causing an overflow in the abook_dbname function command.
Threat Level: High
Solution : Upgrade cyrus-imsp server to version version 1.6a4 or 1.7a
Click HERE for more information and discussions on this network vulnerability scan.
|
