CVE-2004-1067 Information

Description

Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow which may allow remote attackers to execute arbitrary code via the username.

Reference

http://asg.web.cmu.edu/cyrus/download/imapd/changes.html http://www.securityfocus.com/bid/11738 https://exchange.xforce.ibmcloud.com/vulnerabilities/18333 https://www.ubuntu.com/usn/usn-37-1/