CVE-2004-1011

Name of the Vulnerable Software and Affected Versions: Cyrus IMAP Server versions 2.2.4 through 2.2.8

Description: The issue is a stack-based buffer overflow that allows remote attackers to execute arbitrary code. This can be achieved via a long PROXY or LOGIN command when the imapmagicplus option is enabled.

Recommendations: For Cyrus IMAP Server versions 2.2.4 through 2.2.8, consider disabling the imapmagicplus option as a temporary workaround to minimize the risk of exploitation. Restrict access to the PROXY and LOGIN commands until a patch is available.