CVE-2002-1580
Cyrus IMAP Server 1.4 and 2.1.10 - Remote Code Execution via Integer Overflow in imapparse.c
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2002-1580. PoCs published by Timo Sirainen.
AI-analyzed exploit summary This exploit leverages a buffer overflow in Cyrus IMAPD by sending an excessively long login string, potentially leading to heap corruption and arbitrary code execution. The PoC uses a Perl one-liner to generate the malicious input and pipes it to netcat for delivery.
Description
Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347.
Exploits (1)
This exploit leverages a buffer overflow in Cyrus IMAPD by sending an excessively long login string, potentially leading to heap corruption and arbitrary code execution. The PoC uses a Perl one-liner to generate the malicious input and pipes it to netcat for delivery.