CVE search results

11 – 19 of 19 results

Detailed view

Sort by:

CVE-2015-8076

Medium priority

Ignored

The index_urlfetch function in index.c in Cyrus IMAP 2.3.x before 2.3.19, 2.4.x before 2.4.18, 2.5.x before 2.5.4 allows remote attackers to obtain sensitive information or possibly have unspecified other impact via...

1 affected package

cyrus-imapd-2.4

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
cyrus-imapd-2.4	—	—	—	Not in release	Not affected

CVE-2011-3372

Medium priority

Some fixes available 2 of 15

imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command.

3 affected packages

cyrus-imapd-2.2, cyrus-imapd-2.4, kolab-cyrus-imapd

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
cyrus-imapd-2.2	—	—	—	—	Not in release
cyrus-imapd-2.4	—	—	—	—	Not affected
kolab-cyrus-imapd	—	—	—	—	Not in release

CVE-2011-3481

Low priority

Some fixes available 2 of 18

The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via...

3 affected packages

cyrus-imapd-2.2, cyrus-imapd-2.4, kolab-cyrus-imapd

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
cyrus-imapd-2.2	—	—	—	—	Not in release
cyrus-imapd-2.4	—	—	—	—	Not affected
kolab-cyrus-imapd	—	—	—	—	Not in release

CVE-2011-3208

Medium priority

Some fixes available 2 of 15

Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command.

3 affected packages

cyrus-imapd-2.2, cyrus-imapd-2.4, kolab-cyrus-imapd

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
cyrus-imapd-2.2	—	—	—	—	Not in release
cyrus-imapd-2.4	—	—	—	—	Not affected
kolab-cyrus-imapd	—	—	—	—	Not in release

CVE-2011-1926

High priority

Some fixes available 2 of 6

The STARTTLS implementation in Cyrus IMAP Server before 2.4.7 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is...

2 affected packages

cyrus-imapd-2.2, cyrus-imapd-2.4

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
cyrus-imapd-2.2	—	—	—	—	—
cyrus-imapd-2.4	—	—	—	—	—

CVE-2009-3235

Medium priority

Some fixes available 9 of 18

Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly...

3 affected packages

cyrus-imapd-2.2, dovecot, kolab-cyrus-imapd

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
cyrus-imapd-2.2	—	—	—	—	—
dovecot	—	—	—	—	—
kolab-cyrus-imapd	—	—	—	—	—

CVE-2009-2632

Medium priority

Some fixes available 9 of 17

Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and...

3 affected packages

cyrus-imapd-2.2, dovecot, kolab-cyrus-imapd

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
cyrus-imapd-2.2	—	—	—	—	—
dovecot	—	—	—	—	—
kolab-cyrus-imapd	—	—	—	—	—

CVE-2006-2502

Unknown priority

Not affected

Stack-based buffer overflow in pop3d in Cyrus IMAPD (cyrus-imapd) 2.3.2, when the popsubfolders option is enabled, allows remote attackers to execute arbitrary code via a long USER command.

2 affected packages

cyrus-imapd-2.2, cyrus21-imapd

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
cyrus-imapd-2.2	—	—	—	—	—
cyrus21-imapd	—	—	—	—	—

CVE-2002-0379

Unknown priority

1 affected package

cyrus-imapd

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
cyrus-imapd	—	—	—	—	—

Export to JSON

Results by page:

Search CVE reports