Filtered by vendor Carnegie Mellon University
Subscribe
Total
10 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-0250 | 1 Carnegie Mellon University | 1 Snmptrapd | 2024-02-14 | 6.4 MEDIUM | N/A |
| Format string vulnerability in the snmp_input function in snmptrapd in CMU SNMP utilities (cmu-snmp) allows remote attackers to execute arbitrary code by sending crafted SNMP messages to UDP port 162. | |||||
| CVE-2009-0688 | 1 Carnegie Mellon University | 1 Cyrus-sasl | 2023-12-10 | 7.5 HIGH | N/A |
| Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via strings that are used as input to the sasl_encode64 function in lib/saslutil.c. | |||||
| CVE-2004-1067 | 3 Carnegie Mellon University, Redhat, Ubuntu | 3 Cyrus Imap Server, Fedora Core, Ubuntu Linux | 2023-12-10 | 10.0 HIGH | N/A |
| Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username. | |||||
| CVE-2004-1011 | 6 Carnegie Mellon University, Conectiva, Openpkg and 3 more | 6 Cyrus Imap Server, Linux, Openpkg and 3 more | 2023-12-10 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015. | |||||
| CVE-2004-1013 | 6 Carnegie Mellon University, Conectiva, Openpkg and 3 more | 6 Cyrus Imap Server, Linux, Openpkg and 3 more | 2023-12-10 | 10.0 HIGH | N/A |
| The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an index increment error that leads to an out-of-bounds memory corruption. | |||||
| CVE-2004-1012 | 6 Carnegie Mellon University, Conectiva, Openpkg and 3 more | 6 Cyrus Imap Server, Linux, Openpkg and 3 more | 2023-12-10 | 10.0 HIGH | N/A |
| The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption. | |||||
| CVE-2004-1015 | 3 Carnegie Mellon University, Redhat, Ubuntu | 3 Cyrus Imap Server, Fedora Core, Ubuntu Linux | 2023-12-10 | 10.0 HIGH | N/A |
| Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011. | |||||
| CVE-2000-0956 | 1 Carnegie Mellon University | 1 Cyrus-sasl | 2023-12-10 | 4.6 MEDIUM | N/A |
| cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly verify the authorization for a local user, which could allow the users to bypass specified access restrictions. | |||||
| CVE-2002-1580 | 1 Carnegie Mellon University | 1 Cyrus Imap Server | 2023-12-10 | 7.5 HIGH | N/A |
| Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347. | |||||
| CVE-2001-1154 | 2 Bsdi, Carnegie Mellon University | 2 Bsd Os, Cyrus Imap Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, allows remote attackers to cause a denial of service (hang) using PHP IMAP clients. | |||||