CVE-2002-1580

Cyrus IMAP Server 1.4 and 2.1.10 - Remote Code Execution via Integer Overflow in imapparse.c

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-1580. PoCs published by Timo Sirainen.

AI-analyzed exploit summary This exploit leverages a buffer overflow in Cyrus IMAPD by sending an excessively long login string, potentially leading to heap corruption and arbitrary code execution. The PoC uses a Perl one-liner to generate the malicious input and pipes it to netcat for delivery.

Description

Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Timo Sirainen · textdoslinux
https://www.exploit-db.com/exploits/22061

This exploit leverages a buffer overflow in Cyrus IMAPD by sending an excessively long login string, potentially leading to heap corruption and arbitrary code execution. The PoC uses a Perl one-liner to generate the malicious input and pipes it to netcat for delivery.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Theoretical
Target: Cyrus IMAPD (versions prior to fix for CVE-2002-1580)
No auth needed
Prerequisites: Network access to the target IMAP service · Cyrus IMAPD running on the target
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (8)

Core 8
Core References
Patch, Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/740169
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/6298
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/10744
Exploit, Patch, Vendor Advisory mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/301864
Various Sources vendor-advisory x_refsource_conectiva
http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000557
Vendor Advisory vendor-advisory x_refsource_conectiva
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000557
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2002/dsa-215
Various Sources x_refsource_confirm
http://asg.web.cmu.edu/cyrus/download/imapd/changes.html

Scores

EPSS 0.1652
EPSS Percentile 96.6%

Details

Status published
Products (6)
carnegie_mellon_university/cyrus_imap_server 1.4
carnegie_mellon_university/cyrus_imap_server 1.5.19
carnegie_mellon_university/cyrus_imap_server 2.0.12
carnegie_mellon_university/cyrus_imap_server 2.0.16
carnegie_mellon_university/cyrus_imap_server 2.1.9
carnegie_mellon_university/cyrus_imap_server 2.1.10
Published Jun 14, 2004
Tracked Since Feb 18, 2026