Vulnerabilites related to cmu - cyrus_imap_server
cve-2009-2632
Vulnerability from cvelistv5
Published
2009-09-08 23:00
Modified
2024-08-07 05:59
Severity ?
EPSS score ?
Summary
Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:59:56.175Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "36377",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36377"
},
{
"name": "DSA-1881",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1881"
},
{
"name": "36713",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36713"
},
{
"name": "[Cyrus-CVS] 20090902 src/sieve by brong",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.andrew.cmu.edu/pipermail/cyrus-cvs/2009-September/001254.html"
},
{
"name": "36629",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36629"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sieve/script.c.diff?r1=1.62\u0026r2=1.62.2.1\u0026only_with_tag=cyrus-imapd-2_2-tail"
},
{
"name": "[Dovecot-news] 20090914 Security holes in CMU Sieve plugin",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://dovecot.org/list/dovecot-news/2009-September/000135.html"
},
{
"name": "APPLE-SA-2010-03-29-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"name": "[Cyrus-CVS] 20090902 src/sieve by brong",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.andrew.cmu.edu/pipermail/cyrus-cvs/2009-September/001253.html"
},
{
"name": "36632",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36632"
},
{
"name": "USN-838-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-838-1"
},
{
"name": "58103",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/58103"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4077"
},
{
"name": "SUSE-SR:2009:016",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
},
{
"name": "36904",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36904"
},
{
"name": "36698",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36698"
},
{
"name": "36296",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36296"
},
{
"name": "ADV-2009-2641",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/2641"
},
{
"name": "ADV-2009-2559",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/2559"
},
{
"name": "FEDORA-2009-9559",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-September/msg00491.html"
},
{
"name": "oval:org.mitre.oval:def:10082",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10082"
},
{
"name": "[oss-security] 20090914 Re: CVE for recent cyrus-imap issue",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/09/14/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-09-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "36377",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36377"
},
{
"name": "DSA-1881",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1881"
},
{
"name": "36713",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36713"
},
{
"name": "[Cyrus-CVS] 20090902 src/sieve by brong",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.andrew.cmu.edu/pipermail/cyrus-cvs/2009-September/001254.html"
},
{
"name": "36629",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36629"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sieve/script.c.diff?r1=1.62\u0026r2=1.62.2.1\u0026only_with_tag=cyrus-imapd-2_2-tail"
},
{
"name": "[Dovecot-news] 20090914 Security holes in CMU Sieve plugin",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://dovecot.org/list/dovecot-news/2009-September/000135.html"
},
{
"name": "APPLE-SA-2010-03-29-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"name": "[Cyrus-CVS] 20090902 src/sieve by brong",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.andrew.cmu.edu/pipermail/cyrus-cvs/2009-September/001253.html"
},
{
"name": "36632",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36632"
},
{
"name": "USN-838-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-838-1"
},
{
"name": "58103",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/58103"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4077"
},
{
"name": "SUSE-SR:2009:016",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
},
{
"name": "36904",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36904"
},
{
"name": "36698",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36698"
},
{
"name": "36296",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36296"
},
{
"name": "ADV-2009-2641",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/2641"
},
{
"name": "ADV-2009-2559",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/2559"
},
{
"name": "FEDORA-2009-9559",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-September/msg00491.html"
},
{
"name": "oval:org.mitre.oval:def:10082",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10082"
},
{
"name": "[oss-security] 20090914 Re: CVE for recent cyrus-imap issue",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/09/14/3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2009-2632",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36377",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36377"
},
{
"name": "DSA-1881",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1881"
},
{
"name": "36713",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36713"
},
{
"name": "[Cyrus-CVS] 20090902 src/sieve by brong",
"refsource": "MLIST",
"url": "https://lists.andrew.cmu.edu/pipermail/cyrus-cvs/2009-September/001254.html"
},
{
"name": "36629",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36629"
},
{
"name": "https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sieve/script.c.diff?r1=1.62\u0026r2=1.62.2.1\u0026only_with_tag=cyrus-imapd-2_2-tail",
"refsource": "CONFIRM",
"url": "https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sieve/script.c.diff?r1=1.62\u0026r2=1.62.2.1\u0026only_with_tag=cyrus-imapd-2_2-tail"
},
{
"name": "[Dovecot-news] 20090914 Security holes in CMU Sieve plugin",
"refsource": "MLIST",
"url": "http://dovecot.org/list/dovecot-news/2009-September/000135.html"
},
{
"name": "APPLE-SA-2010-03-29-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"name": "[Cyrus-CVS] 20090902 src/sieve by brong",
"refsource": "MLIST",
"url": "https://lists.andrew.cmu.edu/pipermail/cyrus-cvs/2009-September/001253.html"
},
{
"name": "36632",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36632"
},
{
"name": "USN-838-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-838-1"
},
{
"name": "58103",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/58103"
},
{
"name": "http://support.apple.com/kb/HT4077",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4077"
},
{
"name": "SUSE-SR:2009:016",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
},
{
"name": "36904",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36904"
},
{
"name": "36698",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36698"
},
{
"name": "36296",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36296"
},
{
"name": "ADV-2009-2641",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2641"
},
{
"name": "ADV-2009-2559",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2559"
},
{
"name": "FEDORA-2009-9559",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-September/msg00491.html"
},
{
"name": "oval:org.mitre.oval:def:10082",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10082"
},
{
"name": "[oss-security] 20090914 Re: CVE for recent cyrus-imap issue",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/09/14/3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2009-2632",
"datePublished": "2009-09-08T23:00:00",
"dateReserved": "2009-07-28T00:00:00",
"dateUpdated": "2024-08-07T05:59:56.175Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-3208
Vulnerability from cvelistv5
Published
2011-09-14 17:00
Modified
2024-08-06 23:29
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:29:56.064Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2011:1034",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "https://hermes.opensuse.org/messages/11723935"
},
{
"name": "46064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46064"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.cyrusimap.org/cyrus-imapd/commit/?id=3244c18c928fa331f6927e2b8146abe90feafddd"
},
{
"name": "49534",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/49534"
},
{
"name": "75307",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/75307"
},
{
"name": "openSUSE-SU-2011:1036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2011-09/msg00019.html"
},
{
"name": "[cyrus-announce] 20110908 Cyrus 2.4.11 Released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://asg.andrew.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=200"
},
{
"name": "45975",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45975"
},
{
"name": "cyrus-splitwildmats-bo(69679)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69679"
},
{
"name": "[cyrus-announce] 20110908 Cyrus 2.3.17 Released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://asg.andrew.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=199"
},
{
"name": "RHSA-2011:1317",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1317.html"
},
{
"name": "45938",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45938"
},
{
"name": "MDVSA-2011:149",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:149"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=734926"
},
{
"name": "DSA-2318",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2318"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.cyrusimap.org/cyrus-imapd/commit/?id=0f8f026699829b65733c3081657b24e2174f4f4d"
},
{
"name": "1026031",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1026031"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "SUSE-SU-2011:1034",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "https://hermes.opensuse.org/messages/11723935"
},
{
"name": "46064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46064"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.cyrusimap.org/cyrus-imapd/commit/?id=3244c18c928fa331f6927e2b8146abe90feafddd"
},
{
"name": "49534",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/49534"
},
{
"name": "75307",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/75307"
},
{
"name": "openSUSE-SU-2011:1036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2011-09/msg00019.html"
},
{
"name": "[cyrus-announce] 20110908 Cyrus 2.4.11 Released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://asg.andrew.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=200"
},
{
"name": "45975",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45975"
},
{
"name": "cyrus-splitwildmats-bo(69679)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69679"
},
{
"name": "[cyrus-announce] 20110908 Cyrus 2.3.17 Released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://asg.andrew.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=199"
},
{
"name": "RHSA-2011:1317",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1317.html"
},
{
"name": "45938",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45938"
},
{
"name": "MDVSA-2011:149",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:149"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=734926"
},
{
"name": "DSA-2318",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2318"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.cyrusimap.org/cyrus-imapd/commit/?id=0f8f026699829b65733c3081657b24e2174f4f4d"
},
{
"name": "1026031",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1026031"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-3208",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2011:1034",
"refsource": "SUSE",
"url": "https://hermes.opensuse.org/messages/11723935"
},
{
"name": "46064",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46064"
},
{
"name": "http://git.cyrusimap.org/cyrus-imapd/commit/?id=3244c18c928fa331f6927e2b8146abe90feafddd",
"refsource": "CONFIRM",
"url": "http://git.cyrusimap.org/cyrus-imapd/commit/?id=3244c18c928fa331f6927e2b8146abe90feafddd"
},
{
"name": "49534",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/49534"
},
{
"name": "75307",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/75307"
},
{
"name": "openSUSE-SU-2011:1036",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2011-09/msg00019.html"
},
{
"name": "[cyrus-announce] 20110908 Cyrus 2.4.11 Released",
"refsource": "MLIST",
"url": "http://asg.andrew.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=200"
},
{
"name": "45975",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45975"
},
{
"name": "cyrus-splitwildmats-bo(69679)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69679"
},
{
"name": "[cyrus-announce] 20110908 Cyrus 2.3.17 Released",
"refsource": "MLIST",
"url": "http://asg.andrew.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=199"
},
{
"name": "RHSA-2011:1317",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1317.html"
},
{
"name": "45938",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45938"
},
{
"name": "MDVSA-2011:149",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:149"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=734926",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=734926"
},
{
"name": "DSA-2318",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2318"
},
{
"name": "http://git.cyrusimap.org/cyrus-imapd/commit/?id=0f8f026699829b65733c3081657b24e2174f4f4d",
"refsource": "CONFIRM",
"url": "http://git.cyrusimap.org/cyrus-imapd/commit/?id=0f8f026699829b65733c3081657b24e2174f4f4d"
},
{
"name": "1026031",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1026031"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-3208",
"datePublished": "2011-09-14T17:00:00",
"dateReserved": "2011-08-19T00:00:00",
"dateUpdated": "2024-08-06T23:29:56.064Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-1926
Vulnerability from cvelistv5
Published
2011-05-23 22:00
Modified
2024-08-06 22:46
Severity ?
EPSS score ?
Summary
The STARTTLS implementation in Cyrus IMAP Server before 2.4.7 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:46:00.659Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2011:0859",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0859.html"
},
{
"name": "FEDORA-2011-7217",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061374.html"
},
{
"name": "DSA-2258",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2258"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cyrusimap.org/docs/cyrus-imapd/2.4.7/changes.php"
},
{
"name": "MDVSA-2011:100",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:100"
},
{
"name": "FEDORA-2011-7193",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061415.html"
},
{
"name": "1025625",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025625"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.cyrusimap.org/show_bug.cgi?id=3423"
},
{
"name": "DSA-2242",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2242"
},
{
"name": "44876",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44876"
},
{
"name": "[oss-security] 20110517 CVE Request -- Cyrus-IMAP STARTTLS issue -- [was: Re: pure-ftpd STARTTLS command injection / new CVE?]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/05/17/2"
},
{
"name": "VU#555316",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/555316"
},
{
"name": "44928",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44928"
},
{
"name": "44913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44913"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.cyrusimap.org/show_bug.cgi?id=3424"
},
{
"name": "44670",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44670"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=705288"
},
{
"name": "cyrus-starttls-command-exec(67867)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67867"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.cyrusimap.org/cyrus-imapd/patch/?id=523a91a5e86c8b9a27a138f04a3e3f2d8786f162"
},
{
"name": "[oss-security] 20110517 Re: CVE Request -- Cyrus-IMAP STARTTLS issue -- [was: Re: pure-ftpd STARTTLS command injection / new CVE?]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/05/17/15"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The STARTTLS implementation in Cyrus IMAP Server before 2.4.7 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a \"plaintext command injection\" attack, a similar issue to CVE-2011-0411."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2011:0859",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0859.html"
},
{
"name": "FEDORA-2011-7217",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061374.html"
},
{
"name": "DSA-2258",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2258"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cyrusimap.org/docs/cyrus-imapd/2.4.7/changes.php"
},
{
"name": "MDVSA-2011:100",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:100"
},
{
"name": "FEDORA-2011-7193",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061415.html"
},
{
"name": "1025625",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025625"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.cyrusimap.org/show_bug.cgi?id=3423"
},
{
"name": "DSA-2242",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2242"
},
{
"name": "44876",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44876"
},
{
"name": "[oss-security] 20110517 CVE Request -- Cyrus-IMAP STARTTLS issue -- [was: Re: pure-ftpd STARTTLS command injection / new CVE?]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/05/17/2"
},
{
"name": "VU#555316",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/555316"
},
{
"name": "44928",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44928"
},
{
"name": "44913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44913"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.cyrusimap.org/show_bug.cgi?id=3424"
},
{
"name": "44670",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44670"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=705288"
},
{
"name": "cyrus-starttls-command-exec(67867)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67867"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.cyrusimap.org/cyrus-imapd/patch/?id=523a91a5e86c8b9a27a138f04a3e3f2d8786f162"
},
{
"name": "[oss-security] 20110517 Re: CVE Request -- Cyrus-IMAP STARTTLS issue -- [was: Re: pure-ftpd STARTTLS command injection / new CVE?]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/05/17/15"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-1926",
"datePublished": "2011-05-23T22:00:00",
"dateReserved": "2011-05-09T00:00:00",
"dateUpdated": "2024-08-06T22:46:00.659Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-3481
Vulnerability from cvelistv5
Published
2011-09-14 17:00
Modified
2024-08-06 23:37
Severity ?
EPSS score ?
Summary
The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.cyrusimap.org/cyrus-imapd/commit/?id=6e776956a1a9dfa58eacdd0ddd52644009eac9e5 | x_refsource_CONFIRM | |
| http://bugzilla.cyrusimap.org/show_bug.cgi?id=3463 | x_refsource_CONFIRM | |
| http://bugzilla.cyrusimap.org/show_bug.cgi?id=2772 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/69842 | vdb-entry, x_refsource_XF | |
| http://www.redhat.com/support/errata/RHSA-2011-1508.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2012:037 | vendor-advisory, x_refsource_MANDRIVA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:37:47.758Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.cyrusimap.org/cyrus-imapd/commit/?id=6e776956a1a9dfa58eacdd0ddd52644009eac9e5"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.cyrusimap.org/show_bug.cgi?id=3463"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.cyrusimap.org/show_bug.cgi?id=2772"
},
{
"name": "cyrus-imap-indexgetids-dos(69842)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69842"
},
{
"name": "RHSA-2011:1508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1508.html"
},
{
"name": "MDVSA-2012:037",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:037"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-28T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.cyrusimap.org/cyrus-imapd/commit/?id=6e776956a1a9dfa58eacdd0ddd52644009eac9e5"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.cyrusimap.org/show_bug.cgi?id=3463"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.cyrusimap.org/show_bug.cgi?id=2772"
},
{
"name": "cyrus-imap-indexgetids-dos(69842)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69842"
},
{
"name": "RHSA-2011:1508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1508.html"
},
{
"name": "MDVSA-2012:037",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:037"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-3481",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.cyrusimap.org/cyrus-imapd/commit/?id=6e776956a1a9dfa58eacdd0ddd52644009eac9e5",
"refsource": "CONFIRM",
"url": "http://git.cyrusimap.org/cyrus-imapd/commit/?id=6e776956a1a9dfa58eacdd0ddd52644009eac9e5"
},
{
"name": "http://bugzilla.cyrusimap.org/show_bug.cgi?id=3463",
"refsource": "CONFIRM",
"url": "http://bugzilla.cyrusimap.org/show_bug.cgi?id=3463"
},
{
"name": "http://bugzilla.cyrusimap.org/show_bug.cgi?id=2772",
"refsource": "CONFIRM",
"url": "http://bugzilla.cyrusimap.org/show_bug.cgi?id=2772"
},
{
"name": "cyrus-imap-indexgetids-dos(69842)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69842"
},
{
"name": "RHSA-2011:1508",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1508.html"
},
{
"name": "MDVSA-2012:037",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:037"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-3481",
"datePublished": "2011-09-14T17:00:00",
"dateReserved": "2011-09-14T00:00:00",
"dateUpdated": "2024-08-06T23:37:47.758Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2011-09-14 17:17
Modified
2024-11-21 01:30
Severity ?
Summary
The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF69596-84CA-4710-91EB-2FF6D17B8D10",
"versionEndIncluding": "2.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "99D7C5A6-45E7-4BAA-B233-CCAB159C51A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "21700E30-2236-4E51-86B9-E95447CA6048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "A42C288D-A01A-49B7-B940-5D02708E945D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "CB432DB6-FFE9-42E3-B579-6AD992EDFD4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "17F9BFB2-5A7C-4CA2-BB82-67D1591DD018",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCAD991-48BF-4A68-A94C-13B6168AD4E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "641EB6FF-302A-445D-9E63-AE1AF2ADB817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4916C646-E5E4-41E5-B095-D2F11E9F5991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1D9D6F66-9DFF-4325-A1C2-D4B09FFE7C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "EE067B25-86BF-4607-9988-F7564478805A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.13p1:*:*:*:*:*:*:*",
"matchCriteriaId": "E736ECCF-2303-4910-AE53-2AA251CAD405",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C680C0F-355D-43D0-9D0F-C4FC7D9C4303",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36E2F9C1-7356-4110-A07B-A7B9DD02BFB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "08E9F2C5-71B2-4E49-9AC1-C5C99C13323D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1A0D47EC-F7E7-43F5-858C-9E2491142BB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E65CF58D-6B31-42A8-9CE1-8FFACA8D0529",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D308745F-8054-41D5-83C7-0F01F064FD68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "209A797E-AD60-4A8B-9F91-D5FA441F56B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "71641B1E-FCBA-4D22-9E1D-63557048A4AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C70C4DE0-0B02-4A9C-85A6-E33037A72679",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "25696C00-BFC6-4071-9B72-45B4A96E13EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6BA183F1-A60F-4285-9938-762107FFD4DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "439424BC-AEEC-40A2-A57C-9EC87E11EA8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6E86725A-ECDB-4B62-9FC7-728082201D87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "99E010BE-DA06-4FF3-8882-0DCA01F18B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "507FD8BF-2387-4745-A15F-FC7389D02695",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "8DDF7EE8-D71E-4DC8-B5A2-53029B213F67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "8C92EF3C-1728-44F2-B71E-0A7FA03EDDE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.17:*:*:*:*:*:*:*",
"matchCriteriaId": "2D7170B4-0299-406F-90AC-DCEE48413803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33DA20A2-D525-4804-BD10-CE6CBB7F119D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26BA8C3F-3909-4572-8E8B-B95F0AF728E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1176CD-C6DB-45D5-91BD-194C40259A27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6DCA14F-1BE5-4E7B-9B52-F1F33249AAE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0C5A89D3-AD15-4881-AC42-71459BC75685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E65F7347-D66B-4560-99FB-4DD0E3364FF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5AE6DED5-BFDA-4EF0-9811-22B629B4D09A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5F283AA9-3D67-4D2E-9654-C15F7A8947A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6C856979-8B29-4544-86E2-A6DBB208E80E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "770EF250-DCA8-4AA6-AC67-7D87B0733098",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message."
},
{
"lang": "es",
"value": "La funci\u00f3n index_get_ids en index.c en imapd del Servidor Cyrus IMAP antes de la versi\u00f3n v2.4.11, cuando multihilo en elado del servidor est\u00e1 activado, permite a atacantes remotos causar una denegaci\u00f3n de servicio (puntero a NULL y ca\u00edda del demonio) a trav\u00e9s de una cabecera \u0027References\u0027 debidamente modifcada en un mensaje de correo electr\u00f3nico."
}
],
"evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/476.html\r\n\u0027CWE-476: NULL Pointer Dereference\u0027",
"id": "CVE-2011-3481",
"lastModified": "2024-11-21T01:30:33.767",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-09-14T17:17:07.443",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugzilla.cyrusimap.org/show_bug.cgi?id=2772"
},
{
"source": "cve@mitre.org",
"url": "http://bugzilla.cyrusimap.org/show_bug.cgi?id=3463"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://git.cyrusimap.org/cyrus-imapd/commit/?id=6e776956a1a9dfa58eacdd0ddd52644009eac9e5"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:037"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1508.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69842"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugzilla.cyrusimap.org/show_bug.cgi?id=2772"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugzilla.cyrusimap.org/show_bug.cgi?id=3463"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://git.cyrusimap.org/cyrus-imapd/commit/?id=6e776956a1a9dfa58eacdd0ddd52644009eac9e5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1508.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69842"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-09-14 17:17
Modified
2024-11-21 01:29
Severity ?
Summary
Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2D1CD9A-31CD-424A-8F75-31816E668A5B",
"versionEndIncluding": "2.3.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "99D7C5A6-45E7-4BAA-B233-CCAB159C51A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "21700E30-2236-4E51-86B9-E95447CA6048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "A42C288D-A01A-49B7-B940-5D02708E945D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "CB432DB6-FFE9-42E3-B579-6AD992EDFD4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "17F9BFB2-5A7C-4CA2-BB82-67D1591DD018",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCAD991-48BF-4A68-A94C-13B6168AD4E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "641EB6FF-302A-445D-9E63-AE1AF2ADB817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4916C646-E5E4-41E5-B095-D2F11E9F5991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1D9D6F66-9DFF-4325-A1C2-D4B09FFE7C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "EE067B25-86BF-4607-9988-F7564478805A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.13p1:*:*:*:*:*:*:*",
"matchCriteriaId": "E736ECCF-2303-4910-AE53-2AA251CAD405",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "8A086429-82AA-43F6-950B-FF58E64BFB46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C680C0F-355D-43D0-9D0F-C4FC7D9C4303",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36E2F9C1-7356-4110-A07B-A7B9DD02BFB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "08E9F2C5-71B2-4E49-9AC1-C5C99C13323D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1A0D47EC-F7E7-43F5-858C-9E2491142BB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E65CF58D-6B31-42A8-9CE1-8FFACA8D0529",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D308745F-8054-41D5-83C7-0F01F064FD68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "209A797E-AD60-4A8B-9F91-D5FA441F56B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "71641B1E-FCBA-4D22-9E1D-63557048A4AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C70C4DE0-0B02-4A9C-85A6-E33037A72679",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "25696C00-BFC6-4071-9B72-45B4A96E13EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6BA183F1-A60F-4285-9938-762107FFD4DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "439424BC-AEEC-40A2-A57C-9EC87E11EA8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6E86725A-ECDB-4B62-9FC7-728082201D87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "99E010BE-DA06-4FF3-8882-0DCA01F18B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "507FD8BF-2387-4745-A15F-FC7389D02695",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "8DDF7EE8-D71E-4DC8-B5A2-53029B213F67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33DA20A2-D525-4804-BD10-CE6CBB7F119D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26BA8C3F-3909-4572-8E8B-B95F0AF728E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1176CD-C6DB-45D5-91BD-194C40259A27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6DCA14F-1BE5-4E7B-9B52-F1F33249AAE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0C5A89D3-AD15-4881-AC42-71459BC75685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E65F7347-D66B-4560-99FB-4DD0E3364FF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5AE6DED5-BFDA-4EF0-9811-22B629B4D09A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5F283AA9-3D67-4D2E-9654-C15F7A8947A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6C856979-8B29-4544-86E2-A6DBB208E80E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "770EF250-DCA8-4AA6-AC67-7D87B0733098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1423A052-66FA-483E-AD63-B55AE7080DB0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en la pila en la funci\u00f3n split_wildmats en nntpd.c en nntpd en el servidor Cyrus IMAP antes de la verison v2.3.17 y en v2.4.x antes de v2.4.11 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un comando NNTP debidamente modificado."
}
],
"id": "CVE-2011-3208",
"lastModified": "2024-11-21T01:29:58.967",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-09-14T17:17:07.317",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://asg.andrew.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=199"
},
{
"source": "secalert@redhat.com",
"url": "http://asg.andrew.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=200"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://git.cyrusimap.org/cyrus-imapd/commit/?id=0f8f026699829b65733c3081657b24e2174f4f4d"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://git.cyrusimap.org/cyrus-imapd/commit/?id=3244c18c928fa331f6927e2b8146abe90feafddd"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2011-09/msg00019.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45938"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45975"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46064"
},
{
"source": "secalert@redhat.com",
"url": "http://securitytracker.com/id?1026031"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2011/dsa-2318"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:149"
},
{
"source": "secalert@redhat.com",
"url": "http://www.osvdb.org/75307"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1317.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/49534"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=734926"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69679"
},
{
"source": "secalert@redhat.com",
"url": "https://hermes.opensuse.org/messages/11723935"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://asg.andrew.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=199"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://asg.andrew.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=200"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://git.cyrusimap.org/cyrus-imapd/commit/?id=0f8f026699829b65733c3081657b24e2174f4f4d"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://git.cyrusimap.org/cyrus-imapd/commit/?id=3244c18c928fa331f6927e2b8146abe90feafddd"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2011-09/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45938"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46064"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1026031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2011/dsa-2318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/75307"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1317.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/49534"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=734926"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69679"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://hermes.opensuse.org/messages/11723935"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-09-08 23:30
Modified
2024-11-21 01:05
Severity ?
Summary
Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cmu | cyrus_imap_server | 2.2.13 | |
| cmu | cyrus_imap_server | 2.3.14 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "EE067B25-86BF-4607-9988-F7564478805A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "507FD8BF-2387-4745-A15F-FC7389D02695",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer en el componente script SIEVE (archivo sieve/script.c), tal y como es usado en cyrus-imapd en IMAP Server versiones 2.2.13 y 2.3.14, y Dovecot versiones 1.0 anteriores a 1.0.4 y versiones 1.1 anteriores a 1.1.7, de Cyrus, permite a los usuarios locales ejecutar c\u00f3digo arbitrario y leer o modificar mensajes arbitrarios por medio de un script SIEVE dise\u00f1ado, relacionado con el uso incorrecto del operador sizeof para determinar la longitud del b\u00fafer, combinado con un error de firma de enteros."
}
],
"id": "CVE-2009-2632",
"lastModified": "2024-11-21T01:05:20.510",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-09-08T23:30:00.547",
"references": [
{
"source": "cret@cert.org",
"url": "http://dovecot.org/list/dovecot-news/2009-September/000135.html"
},
{
"source": "cret@cert.org",
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"source": "cret@cert.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36629"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36632"
},
{
"source": "cret@cert.org",
"url": "http://secunia.com/advisories/36698"
},
{
"source": "cret@cert.org",
"url": "http://secunia.com/advisories/36713"
},
{
"source": "cret@cert.org",
"url": "http://secunia.com/advisories/36904"
},
{
"source": "cret@cert.org",
"url": "http://support.apple.com/kb/HT4077"
},
{
"source": "cret@cert.org",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2009/dsa-1881"
},
{
"source": "cret@cert.org",
"url": "http://www.openwall.com/lists/oss-security/2009/09/14/3"
},
{
"source": "cret@cert.org",
"url": "http://www.osvdb.org/58103"
},
{
"source": "cret@cert.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/36296"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/bid/36377"
},
{
"source": "cret@cert.org",
"url": "http://www.ubuntu.com/usn/USN-838-1"
},
{
"source": "cret@cert.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2559"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2009/2641"
},
{
"source": "cret@cert.org",
"url": "https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sieve/script.c.diff?r1=1.62\u0026r2=1.62.2.1\u0026only_with_tag=cyrus-imapd-2_2-tail"
},
{
"source": "cret@cert.org",
"url": "https://lists.andrew.cmu.edu/pipermail/cyrus-cvs/2009-September/001253.html"
},
{
"source": "cret@cert.org",
"url": "https://lists.andrew.cmu.edu/pipermail/cyrus-cvs/2009-September/001254.html"
},
{
"source": "cret@cert.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10082"
},
{
"source": "cret@cert.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-September/msg00491.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://dovecot.org/list/dovecot-news/2009-September/000135.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36629"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36632"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/36698"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/36713"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/36904"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT4077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2009/dsa-1881"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2009/09/14/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/58103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/36296"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/36377"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-838-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2559"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/2641"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sieve/script.c.diff?r1=1.62\u0026r2=1.62.2.1\u0026only_with_tag=cyrus-imapd-2_2-tail"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.andrew.cmu.edu/pipermail/cyrus-cvs/2009-September/001253.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.andrew.cmu.edu/pipermail/cyrus-cvs/2009-September/001254.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-September/msg00491.html"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-05-23 22:55
Modified
2024-11-21 01:27
Severity ?
Summary
The STARTTLS implementation in Cyrus IMAP Server before 2.4.7 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE4D079C-54C9-436C-BEFA-2134295ABC3A",
"versionEndIncluding": "2.4.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "99D7C5A6-45E7-4BAA-B233-CCAB159C51A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "21700E30-2236-4E51-86B9-E95447CA6048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "A42C288D-A01A-49B7-B940-5D02708E945D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "CB432DB6-FFE9-42E3-B579-6AD992EDFD4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "17F9BFB2-5A7C-4CA2-BB82-67D1591DD018",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCAD991-48BF-4A68-A94C-13B6168AD4E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "641EB6FF-302A-445D-9E63-AE1AF2ADB817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4916C646-E5E4-41E5-B095-D2F11E9F5991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1D9D6F66-9DFF-4325-A1C2-D4B09FFE7C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "EE067B25-86BF-4607-9988-F7564478805A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.13p1:*:*:*:*:*:*:*",
"matchCriteriaId": "E736ECCF-2303-4910-AE53-2AA251CAD405",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C680C0F-355D-43D0-9D0F-C4FC7D9C4303",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36E2F9C1-7356-4110-A07B-A7B9DD02BFB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "08E9F2C5-71B2-4E49-9AC1-C5C99C13323D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1A0D47EC-F7E7-43F5-858C-9E2491142BB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E65CF58D-6B31-42A8-9CE1-8FFACA8D0529",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D308745F-8054-41D5-83C7-0F01F064FD68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "209A797E-AD60-4A8B-9F91-D5FA441F56B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "71641B1E-FCBA-4D22-9E1D-63557048A4AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C70C4DE0-0B02-4A9C-85A6-E33037A72679",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "25696C00-BFC6-4071-9B72-45B4A96E13EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6BA183F1-A60F-4285-9938-762107FFD4DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "439424BC-AEEC-40A2-A57C-9EC87E11EA8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6E86725A-ECDB-4B62-9FC7-728082201D87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "99E010BE-DA06-4FF3-8882-0DCA01F18B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "507FD8BF-2387-4745-A15F-FC7389D02695",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "8DDF7EE8-D71E-4DC8-B5A2-53029B213F67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "8C92EF3C-1728-44F2-B71E-0A7FA03EDDE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33DA20A2-D525-4804-BD10-CE6CBB7F119D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26BA8C3F-3909-4572-8E8B-B95F0AF728E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1176CD-C6DB-45D5-91BD-194C40259A27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6DCA14F-1BE5-4E7B-9B52-F1F33249AAE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0C5A89D3-AD15-4881-AC42-71459BC75685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E65F7347-D66B-4560-99FB-4DD0E3364FF4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The STARTTLS implementation in Cyrus IMAP Server before 2.4.7 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a \"plaintext command injection\" attack, a similar issue to CVE-2011-0411."
},
{
"lang": "es",
"value": "La implementaci\u00f3n STARTTLS en Cyrus IMAP Server anterior a v2.4.7 no restringe adecuadamente el b\u00fafer de Entrada/Salida, lo que permite ataques \"man-in-the-middle\" para insertar comandos en sesiones cifradas enviando un comando en texto claro que se procesa despu\u00e9s de TLS en su lugar, relacionado con un ataque \"inyecci\u00f3n de comandos de texto claro\", una tarea similar a CVE-2011-0411."
}
],
"id": "CVE-2011-1926",
"lastModified": "2024-11-21T01:27:19.407",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-05-23T22:55:01.490",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://bugzilla.cyrusimap.org/show_bug.cgi?id=3423"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://bugzilla.cyrusimap.org/show_bug.cgi?id=3424"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://git.cyrusimap.org/cyrus-imapd/patch/?id=523a91a5e86c8b9a27a138f04a3e3f2d8786f162"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061374.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061415.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/05/17/15"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/05/17/2"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/44670"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/44876"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/44913"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/44928"
},
{
"source": "secalert@redhat.com",
"url": "http://www.cyrusimap.org/docs/cyrus-imapd/2.4.7/changes.php"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2011/dsa-2242"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2011/dsa-2258"
},
{
"source": "secalert@redhat.com",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/555316"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:100"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0859.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1025625"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=705288"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67867"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://bugzilla.cyrusimap.org/show_bug.cgi?id=3423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://bugzilla.cyrusimap.org/show_bug.cgi?id=3424"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://git.cyrusimap.org/cyrus-imapd/patch/?id=523a91a5e86c8b9a27a138f04a3e3f2d8786f162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061374.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061415.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/05/17/15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/05/17/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/44670"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/44876"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/44913"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/44928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cyrusimap.org/docs/cyrus-imapd/2.4.7/changes.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2011/dsa-2242"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2011/dsa-2258"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/555316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:100"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0859.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1025625"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=705288"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67867"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}