113 matches found
EUVD-2011-3172
Malware in sbrugna...
EUVD-2004-1013
Malware in sbrugna...
EUVD-2011-3444
Malware in sbrugna...
EUVD-2004-1065
Malware in sbrugna...
EUVD-2011-1924
Malware in sbrugna...
Ubuntu: Security Advisory (USN-7224-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-7224-1: Cyrus IMAP Server vulnerabilities
It was discovered that non-authentication-related HTTP requests could be interpreted in an authentication context by a Cyrus IMAP Server when multiple requests arrived over the same connection. An unauthenticated attacker could possibly use this issue to perform a privilege escalation attack. Thi...
SUSE CVE-2004-1012
The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command "bodyp" that is treated as a different command "body.peek" and causes an index increment error that leads to an out-of-bounds memory...
SUSE CVE-2004-1013
The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as 1 "bodyp", 2 "binaryp", or 3 "binaryp" that cause an index increment error that leads to an out-of-bounds memory corruption...
SUSE CVE-2004-1067
Off-by-one error in the mysaslcanonuser function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username...
SUSE CVE-2009-2632
Buffer overflow in the SIEVE script component sieve/script.c, as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to...
SUSE CVE-2011-3372
imap/nntpd.c in the NNTP server nntpd for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command...
SUSE CVE-2011-3481
The indexgetids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a crafted References header in an e-mail message...
Important: Red Hat Security Advisory: cyrus-imapd security update
An update for cyrus-imapd is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
RLSA-2021:3492 Important: cyrus-imapd security update
The Cyrus IMAP server provides access to personal mail, system-wide bulletin boards, news-feeds, calendar and contacts through the IMAP, JMAP, NNTP, CalDAV and CardDAV protocols. Security Fixes: cyrus-imapd: Denial of service via string hashing algorithm collisions CVE-2021-33582 For more details...
Important: cyrus-imapd security update
The Cyrus IMAP server provides access to personal mail, system-wide bulletin boards, news-feeds, calendar and contacts through the IMAP, JMAP, NNTP, CalDAV and CardDAV protocols. Security Fixes: cyrus-imapd: Denial of service via string hashing algorithm collisions CVE-2021-33582 For more details...
USN-4566-1: Cyrus IMAP Server vulnerabilities
It was dicovered that Cyrus IMAP Server could execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name. An attacker could use this vulnerability to cause a crash or possibly execute arbitrary code. CVE-2019-11356 It was discovered that the Cyrus IMA...
Ubuntu 18.04 LTS : Cyrus IMAP Server vulnerabilities (USN-4566-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4566-1 advisory. It was dicovered that Cyrus IMAP Server could execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name. A...
GLSA-202006-23 : Cyrus IMAP Server: Access restriction bypass
The remote host is affected by the vulnerability described in GLSA-202006-23 Cyrus IMAP Server: Access restriction bypass An issue was discovered in Cyrus IMAP Server where sieve script uploading is excessively trusted. Impact : A user can use a sieve script to create any mailbox with administrat...
Cyrus IMAP Server: Access restriction bypass
Background The Cyrus IMAP Server is an efficient, highly-scalable IMAP e-mail server. Description An issue was discovered in Cyrus IMAP Server where sieve script uploading is excessively trusted. Impact A user can use a sieve script to create any mailbox with administrator privileges. Workaround...