18 matches found
CLSA-2026-1779119949 cyrus-imapd: Fix of CVE-2024-34055
fix CVE-2024-34055: denial of service via memory exhaustion using oversized IMAP literals and command arguments - disable cassandane test runner on x8664 and aarch64 due to multiple unrelated mock-environment issues imaptest binary SIGSEGV, slow file I/O, alarm scheduling races; cunit which...
MiracleLinux 9 : cyrus-imapd-3.4.8-1.el9 (AXSA:2024-9200:03)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9200:03 advisory. cyrus-imapd: unbounded memory allocation by sending many LITERALs in a single command CVE-2024-34055 Tenable has extracted the preceding description block...
TencentOS Server 4: cyrus-imapd (TSSA-2024:1073)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1073 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Fedora: Security Advisory (FEDORA-2024-cfbdc342a2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RLSA-2024:9195 Moderate: cyrus-imapd security update
The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and SIEVE support. Security Fixes: cyrus-imapd: unbounded memory allocation by sending many LITERALs in a single command CVE-2024-34055 For more details about the security issues, including the impact, a CVSS...
Linux Distros Unpatched Vulnerability : CVE-2024-34055
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cyrus IMAP before 3.8.3 and 3.10.x before 3.10.0-rc1 allows authenticated attackers to cause unbounded memory allocation by sending many LITERALs in a single...
CVE-2024-34055
creationtimestamp| type| source ---|---|--- 2025-02-06 11:29:20+00:00| seen| https://infosec.exchange/users/cve/statuses/113956707363822061 2025-02-06 12:16:23+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhj2uxgonn2t 2025-02-06 13:33:18+00:00| seen|...
Oracle Linux 9 : cyrus-imapd (ELSA-2024-9195)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-9195 advisory. 3.4.8-1 - Update to 3.4.8, fixing CVE-2024-34055 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note th...
cyrus-imapd security update
3.4.8-1 - Update to 3.4.8, fixing CVE-2024-34055...
Fedora 41 : cyrus-imapd (2024-cfbdc342a2)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-cfbdc342a2 advisory. Automatic update for cyrus-imapd-3.8.3-1.fc41. Changelog Wed Jun 5 2024 Martin Osvald - 3.8.3-1 - Fix CVE-2024-34055 rhbz2290512 - Convert to %autorelease an...
Moderate: Red Hat Security Advisory: cyrus-imapd security update
An update for cyrus-imapd is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
Moderate: cyrus-imapd security update
The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and SIEVE support. Security Fixes: cyrus-imapd: unbounded memory allocation by sending many LITERALs in a single command CVE-2024-34055 For more details about the security issues, including the impact, a CVSS...
RHEL 9 : cyrus-imapd (RHSA-2024:9195)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:9195 advisory. The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and SIEVE support. Security Fixes: cyrus-imapd: unbounded memo...
Fedora: Security Advisory (FEDORA-2024-f3e0255c75)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 5708-1] cyrus-imapd security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5708-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 11, 2024 https://www.debian.org/security/faq -...
CVE-2024-34055
CVE-2024-34055 affects Cyrus IMAPD before 3.8.3 and 3.10.x before 3.10.0-rc1. An attacker with authentication can trigger unbounded memory allocation by sending many LITERALs in a single command, enabling memory exhaustion (availability impact). Patches/releases: upgrade to Cyrus IMAPD 3.8.3 or 3...
CVE-2024-34055
Cyrus IMAP before 3.8.3 and 3.10.x before 3.10.0-rc1 allows authenticated attackers to cause unbounded memory allocation by sending many LITERALs in a single command...
cyrus-imapd -- unbounded memory allocation
Cyrus IMAP 3.8.3 Release Notes states: Fixed CVE-2024-34055: Cyrus-IMAP through 3.8.2 and 3.10.0-beta2 allow authenticated attackers to cause unbounded memory allocation by sending many LITERALs in a single command. The IMAP protocol allows for command arguments to be LITERALs of negotiated lengt...