CVE-2002-1347
published 2002-12-18CVE-2002-1347: Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via…
PriorityP428critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
7.08%
93.4th percentile
Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonicalization, (2) characters that need to be escaped during LDAP authentication using saslauthd, or (3) an off-by-one error in the log writer, which does not allocate space for the null character that terminates a string.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | mac_os_x | < 10.3.8 | 10.3.8 |
| apple | mac_os_x_server | < 10.3.8 | 10.3.8 |
| carnegie_mellon_university | cyrus_imap_server | — | — |
| carnegie_mellon_university | cyrus_imap_server | — | — |
| carnegie_mellon_university | cyrus_imap_server | — | — |
| carnegie_mellon_university | cyrus_imap_server | — | — |
| carnegie_mellon_university | cyrus_imap_server | — | — |
| carnegie_mellon_university | cyrus_imap_server | — | — |
| cyrusimap | cyrus_sasl | <= 2.1.9 | — |
| debian | cyrus-imapd | < cyrus-imapd 1.5.19-9.10 (bookworm) | cyrus-imapd 1.5.19-9.10 (bookworm) |
| debian | cyrus-sasl2 | < cyrus-sasl2 2.1.10-1 (bookworm) | cyrus-sasl2 2.1.10-1 (bookworm) |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv9.8CRITICAL
vendor_debian9.8CRITICAL
vendor_redhat9.8CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
security flaw
vendor_redhat·2002-12-09·CVSS 9.8
CVE-2002-1347 [CRITICAL] security flaw
security flaw
Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonicalization, (2) characters that need to be escaped during LDAP authentication using saslauthd, or (3) an off-by-one error in the log writer, which does not allocate space for the null character that terminates a string.
Debian
CVE-2002-1580: cyrus-imapd - Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remo...
vendor_debian·2002·CVSS 9.8
CVE-2002-1580 [CRITICAL] CVE-2002-1580: cyrus-imapd - Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remo...
Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347.
Scope: local
bookworm: resolved (fixed in 1.5.19-9.10)
bullseye: resolved (fixed in 1.5.19-9.10)
forky: resolved (fixed in 1.5.19-9.10)
sid: resolved (fixed in 1.5.19-9.10)
trixie: resolved (fixed in 1.5.19-9.10)
Debian
CVE-2002-1347: cyrus-sasl2 - Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote a...
vendor_debian·2002·CVSS 9.8
CVE-2002-1347 [CRITICAL] CVE-2002-1347: cyrus-sasl2 - Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote a...
Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonicalization, (2) characters that need to be escaped during LDAP authentication using saslauthd, or (3) an off-by-one error in the log writer, which does not allocate space for the null character that terminates a string.
Scope: local
bookworm: resolved (fixed in 2.1.10-1)
bullseye: resolved (fixed in 2.1.10-1)
forky: resolved (fixed in 2.1.10-1)
sid: resolved (fixed in 2.1.10-1)
trixie: resolved (fixed in 2.1.10-1)
GHSA
GHSA-5xcv-v8fh-pcrc: Integer overflow in imapparse
ghsa_unreviewed·2022-04-30·CVSS 9.8
CVE-2002-1580 [CRITICAL] GHSA-5xcv-v8fh-pcrc: Integer overflow in imapparse
Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347.
GHSA
GHSA-hmpx-mhc7-wxwr: Multiple buffer overflows in Cyrus SASL library 2
ghsa_unreviewed·2022-04-30
CVE-2002-1347 [HIGH] CWE-131 GHSA-hmpx-mhc7-wxwr: Multiple buffer overflows in Cyrus SASL library 2
Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonicalization, (2) characters that need to be escaped during LDAP authentication using saslauthd, or (3) an off-by-one error in the log writer, which does not allocate space for the null character that terminates a string.
OSV
CVE-2002-1580: Integer overflow in imapparse
osv·2004-06-14·CVSS 9.8
CVE-2002-1580 [CRITICAL] CVE-2002-1580: Integer overflow in imapparse
Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347.
OSV
CVE-2002-1347: Multiple buffer overflows in Cyrus SASL library 2
osv·2002-12-18·CVSS 9.8
CVE-2002-1347 [CRITICAL] CVE-2002-1347: Multiple buffer overflows in Cyrus SASL library 2
Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonicalization, (2) characters that need to be escaped during LDAP authentication using saslauthd, or (3) an off-by-one error in the log writer, which does not allocate space for the null character that terminates a string.
No detection rules found.
No public exploits indexed.
http://archives.neohapsis.com/archives/linux/suse/2002-q4/1275.htmlhttp://distro.conectiva.com/atualizacoes/?id=a&anuncio=000557http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.htmlhttp://marc.info/?l=bugtraq&m=103946297703402&w=2http://www.debian.org/security/2002/dsa-215http://www.redhat.com/support/errata/RHSA-2002-283.htmlhttp://www.securityfocus.com/advisories/4826http://www.securityfocus.com/bid/6347http://www.securityfocus.com/bid/6348http://www.securityfocus.com/bid/6349https://exchange.xforce.ibmcloud.com/vulnerabilities/10810https://exchange.xforce.ibmcloud.com/vulnerabilities/10811https://exchange.xforce.ibmcloud.com/vulnerabilities/10812http://archives.neohapsis.com/archives/linux/suse/2002-q4/1275.htmlhttp://distro.conectiva.com/atualizacoes/?id=a&anuncio=000557http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.htmlhttp://marc.info/?l=bugtraq&m=103946297703402&w=2http://www.debian.org/security/2002/dsa-215http://www.redhat.com/support/errata/RHSA-2002-283.htmlhttp://www.securityfocus.com/advisories/4826http://www.securityfocus.com/bid/6347http://www.securityfocus.com/bid/6348http://www.securityfocus.com/bid/6349https://exchange.xforce.ibmcloud.com/vulnerabilities/10810https://exchange.xforce.ibmcloud.com/vulnerabilities/10811https://exchange.xforce.ibmcloud.com/vulnerabilities/10812
2002-12-18
Published