CVE-2002-2043
https://notcve.org/view.php?id=CVE-2002-2043
SQL injection vulnerability in the LDAP and MySQL authentication patch for Cyrus SASL 1.5.24 and 1.5.27 allows remote attackers to execute arbitrary SQL commands and log in as arbitrary POP mail users via the password. • http://archives.neohapsis.com/archives/bugtraq/2002-04/0020.html http://www.iss.net/security_center/static/8748.php http://www.securityfocus.com/bid/4409 •
CVE-2002-2253
https://notcve.org/view.php?id=CVE-2002-2253
Multiple buffer overflows in Cyrus Sieve / libSieve 2.1.2 and earlier allow remote attackers to execute arbitrary code via (1) a long header name, (2) a long IMAP flag, or (3) a script that generates a large number of errors that overflow the resulting error string. • http://archives.neohapsis.com/archives/bugtraq/2002-12/0019.html http://www.securityfocus.com/bid/6294 http://www.securityfocus.com/bid/6299 http://www.securityfocus.com/bid/6300 https://exchange.xforce.ibmcloud.com/vulnerabilities/10743 https://exchange.xforce.ibmcloud.com/vulnerabilities/10779 https://exchange.xforce.ibmcloud.com/vulnerabilities/10780 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •