CVE-2004-1013

Current Description

The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an index increment error that leads to an out-of-bounds memory corruption.

Basic Data

Published: January 10, 2005
Last Modified: December 08, 2016
Assigner: cve@mitre.org
Data Type: CVE
Data Format: MITRE
Data Version: 4.0
Problem Type: NVD-CWE-Other
CVE Data Version: 4.0

Base Metric V2

CVSS 2 - Version: 2.0
CVSS 2 - Vector String: AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS 2 - Access Vector: NETWORK
CVSS 2 - Access Complexity: LOW
CVSS 2 - Authentication: NONE
CVSS 2 - Confidentiality Impact: COMPLETE
CVSS 2 - Availability Impact: COMPLETE
CVSS 2 - Base Score: 10.0
Severity: HIGH
Exploitability Score: 10.0
Impact Score: 10.0
Obtain All Privilege: true
Obtain User Privilege: false
Obtain Other Privilege: false

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    CPE Version  Part         Vendor                      Product            Version     Edition
    2.3          Application  Carnegie Mellon University  Cyrus Imap Server  2.1.7       *
    2.3          Application  Carnegie Mellon University  Cyrus Imap Server  2.1.9       *
    2.3          Application  Carnegie Mellon University  Cyrus Imap Server  2.1.10      *
    2.3          Application  Carnegie Mellon University  Cyrus Imap Server  2.1.16      *
    2.3          Application  Carnegie Mellon University  Cyrus Imap Server  2.2.0_alpha *
    2.3          Application  Carnegie Mellon University  Cyrus Imap Server  2.2.1_beta  *
    2.3          Application  Carnegie Mellon University  Cyrus Imap Server  2.2.2_beta  *
    2.3          Application  Carnegie Mellon University  Cyrus Imap Server  2.2.3       *
    2.3          Application  Carnegie Mellon University  Cyrus Imap Server  2.2.4       *
    2.3          Application  Carnegie Mellon University  Cyrus Imap Server  2.2.5       *
    2.3          Application  Carnegie Mellon University  Cyrus Imap Server  2.2.6       *
    2.3          Application  Carnegie Mellon University  Cyrus Imap Server  2.2.7       *
    2.3          Application  Carnegie Mellon University  Cyrus Imap Server  2.2.8       *
    2.3          Application  Openpkg                     Openpkg            current     *
    2.3          OS           Conectiva                   Linux              9.0         *
    2.3          OS           Conectiva                   Linux              10.0        *
  • OR - Configuration 2
    CPE Version  Part         Vendor                      Product            Version     Edition
    2.3          OS           Redhat                      Fedora Core        core_2.0    *
    2.3          OS           Redhat                      Fedora Core        core_3.0    *
    2.3          OS           Trustix                     Secure Linux       2.0         *
    2.3          OS           Trustix                     Secure Linux       2.1         *
    2.3          OS           Trustix                     Secure Linux       2.2         *
    2.3          OS           Ubuntu                      Ubuntu Linux       4.1         ia64
    2.3          OS           Ubuntu                      Ubuntu Linux       4.1         ppc
    (The Update, Language, SW Edition, Target SW, Target HW, Other and Version Start/End Including/Excluding columns are unset, "*", in every row.)

Vulnerable Software List

Vendor                      Product            Versions
Openpkg                     Openpkg            current
Redhat                      Fedora Core        core_2.0, core_3.0
Conectiva                   Linux              10.0, 9.0
Ubuntu                      Ubuntu Linux       4.1
Carnegie Mellon University  Cyrus Imap Server  2.1.10, 2.1.16, 2.1.7, 2.1.9, 2.2.0_alpha, 2.2.1_beta, 2.2.2_beta, 2.2.3, 2.2.4, 2.2.5, 2.2.6, 2.2.7, 2.2.8
Trustix                     Secure Linux       2.0, 2.1, 2.2

References

Name: URL (Source; Tags)
[cyrus-announce] 20041122 Cyrus IMAPd 2.2.9 Released: http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce&msg=143 (MLIST)
http://asg.web.cmu.edu/cyrus/download/imapd/changes.html: http://asg.web.cmu.edu/cyrus/download/imapd/changes.html (CONFIRM)
20041122 Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities: http://marc.info/?l=bugtraq&m=110123023521619&w=2 (BUGTRAQ)
13274: http://secunia.com/advisories/13274/ (SECUNIA)
http://security.e-matters.de/advisories/152004.html: http://security.e-matters.de/advisories/152004.html (MISC)
GLSA-200411-34: http://security.gentoo.org/glsa/glsa-200411-34.xml (GENTOO)
DSA-597: http://www.debian.org/security/2004/dsa-597 (DEBIAN; Patch, Vendor Advisory)
MDKSA-2004:139: http://www.mandriva.com/security/advisories?name=MDKSA-2004:139 (MANDRAKE)
USN-31-1: https://www.ubuntu.com/usn/usn-31-1/ (UBUNTU)