'; echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "www.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "www.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "www.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "www.hp-telecom.com") { echo ''; echo 'hp-telecom'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

IMAP Attack (Attack ID:900001)

Release Date:2009-09-27

Attack Name:Login literal buffer overflow attempt

OS Type:Window Linux Unix

Application Type

Severity:Critical

BUG ID

CVE ID

 

Description

This event is generated when a remote attacker sends a LOGIN command with a suspiciously long argument to an internal IMAP server, indicating an attempt to exploit a buffer overflow vulnerability in Carnegie Mellon University Cyrus IMAP Server. This may also affect other IMAP server implementations.

Impact:
Possible remote execution of arbitrary code, leading to remote root compromise.

Affected Systems:
CMU Cyrus IMAP Server version 2.1.10 or earlier.

Additional References:
http://cgi.nessus.org/plugins/dump.php3?id=12532

 

Solution

Ensure the system is using an up to date version of the software and has had all vendor supplied patches applied.