CVE-2005-0546

Name of the Vulnerable Software and Affected Versions Cyrus IMAPd versions prior to 2.2.11

Description The issue is related to multiple buffer overflows that may allow attackers to execute arbitrary code. The overflows occur due to off-by-one errors in the imapd annotate extension and "cached header handling," as well as stack-based buffer overflows in fetchnews and imapd.

Recommendations For versions prior to 2.2.11, update to version 2.2.11 or later to resolve the issue. As a temporary workaround, consider restricting access to the annotate extension and fetchnews until a patch is available. Avoid using the vulnerable functions in imapd until the issue is resolved.