Search CVE reports
1 – 5 of 5 results
CVE-2011-3372
Medium prioritySome fixes available 2 of 15
imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command.
3 affected packages
cyrus-imapd-2.2, cyrus-imapd-2.4, kolab-cyrus-imapd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
cyrus-imapd-2.2 | — | — | — | — | Not in release |
cyrus-imapd-2.4 | — | — | — | — | Not affected |
kolab-cyrus-imapd | — | — | — | — | Not in release |
CVE-2011-3481
Low prioritySome fixes available 2 of 18
The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via...
3 affected packages
cyrus-imapd-2.2, cyrus-imapd-2.4, kolab-cyrus-imapd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
cyrus-imapd-2.2 | — | — | — | — | Not in release |
cyrus-imapd-2.4 | — | — | — | — | Not affected |
kolab-cyrus-imapd | — | — | — | — | Not in release |
CVE-2011-3208
Medium prioritySome fixes available 2 of 15
Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command.
3 affected packages
cyrus-imapd-2.2, cyrus-imapd-2.4, kolab-cyrus-imapd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
cyrus-imapd-2.2 | — | — | — | — | Not in release |
cyrus-imapd-2.4 | — | — | — | — | Not affected |
kolab-cyrus-imapd | — | — | — | — | Not in release |
CVE-2009-3235
Medium prioritySome fixes available 9 of 18
Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly...
3 affected packages
cyrus-imapd-2.2, dovecot, kolab-cyrus-imapd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
cyrus-imapd-2.2 | — | — | — | — | — |
dovecot | — | — | — | — | — |
kolab-cyrus-imapd | — | — | — | — | — |
CVE-2009-2632
Medium prioritySome fixes available 9 of 17
Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and...
3 affected packages
cyrus-imapd-2.2, dovecot, kolab-cyrus-imapd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
cyrus-imapd-2.2 | — | — | — | — | — |
dovecot | — | — | — | — | — |
kolab-cyrus-imapd | — | — | — | — | — |