EUVD-2005-1913

Malware in sbrugna...

EUVD-2002-0900

Malware in sbrugna...

Authentication Bypass

cyrus-imapd is vulnerable to authentication bypass. The vulnerability is allows a remote user able to use the nntpd service could use this flaw to read or post newsgroup messages on an NNTP server configured to require user authentication, without providing valid authentication credentials...

InterNetNews Control Message Handling Buffer Overflow - Ver2 (CVE-2004-0045)

The InterNetNews package INN is a complete Usenet system. It includes innd, an NNTP server, and nnrpd, a newsreading server. A vulnerability exists in the NNTP server component of InterNetNews INN, which can be exploited to compromise a vulnerable system. The vulnerability is caused due to a...

InterNetNews Control Message Handling Buffer Overflow - Ver2 (CVE-2004-0045)

The InterNetNews package INN is a complete Usenet system. It includes innd, an NNTP server, and nnrpd, a newsreading server. A vulnerability exists in the NNTP server component of InterNetNews INN, which can be exploited to compromise a vulnerable system. The vulnerability is caused due to a...

Amazon Linux AMI : cyrus-imapd (ALAS-2011-2)

The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and Sieve support. A buffer overflow flaw was found in the cyrus-imapd NNTP server, nntpd. A remote user able to use the nntpd service could use this flaw to crash the nntpd child process or, possibly, execute...

Newspost 2.0/2.1 - Remote Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12418/info Newspost is prone to a remote buffer overflow vulnerability due to an unbounded memory copy operation. The problem occurs in the 'socketgetline' function of 'socket.c' when the vulnerable client handles NNTP...

Amazon Linux AMI : cyrus-imapd (ALAS-2011-27)

An authentication bypass flaw was found in the cyrus-imapd NNTP server, nntpd. A remote user able to use the nntpd service could use this flaw to read or post newsgroup messages on an NNTP server configured to require user authentication, without providing valid authentication credentials...

[ MDVSA-2012:156 ] inn

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:156 http://www.mandriva.com/security/ Package : inn Date : October 2, 2012 Affected: 2011. Problem Description: A security issue was identified and fixed in ISC INN: The STARTTLS implementation in INNs NNTP...

Mandriva Linux Security Advisory : inn (MDVSA-2012:156)

A security issue was identified and fixed in ISC INN : The STARTTLS implementation in INN's NNTP server for readers, nnrpd, before 2.5.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command tha...

Mandriva Update for inn MDVSA-2012:156 (inn)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Scientific Linux Security Update : cyrus-imapd on SL4.x, SL5.x, SL6.x i386/x86_64

The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and Sieve support. An authentication bypass flaw was found in the cyrus-imapd NNTP server, nntpd. A remote user able to use the nntpd service could use this flaw to read or post newsgroup messages on an NNTP...

CentOS Update for cyrus-imapd CESA-2011:1317 centos4 x86_64

Check for the Version of cyrus-imapd OpenVAS Vulnerability Test CentOS Update for cyrus-imapd CESA-2011:1317 centos4 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

CVE-2011-3372

imap/nntpd.c in the NNTP server nntpd for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command...

CVE-2011-3372

imap/nntpd.c in the NNTP server nntpd for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command...

CVE-2011-3372

CVE-2011-3372 affects Cyrus IMAPd 2.4.x NNTP server (nntpd): remote attackers can bypass authentication by sending AUTHINFO USER without a subsequent AUTHINFO PASS. The issue is fixed in Cyrus IMAPd 2.4.12 and in various advisories (e.g., MiracleLinux AXSA-2012-23) that reference CVE-2011-3372. A...

Cyrus IMAPd NNTP AUTHINFO USER Command Parsing Authentication Bypass

The remote NNTP server contains a logic error that causes clients that send only a username, neglecting to send a password, to be treated as authenticated. This may permit an unauthenticated, remote attacker to view and post to restricted newsgroups, impersonating other users in the process. C...

CentOS Update for cyrus-imapd CESA-2011:1508 centos4 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

cyrus, perl security update

CentOS Errata and Security Advisory CESA-2011:1508 Updated cyrus-imapd packages that fix two security issues are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System...

Debian Security Advisory DSA 2318-1 (cyrus-imapd-2.2)

The remote host is missing an update to cyrus-imapd-2.2 announced via advisory DSA 2318-1. OpenVAS Vulnerability Test $Id: deb23181.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2318-1 cyrus-imapd-2.2 Authors: Thomas Reinke Copyright: Copyright c 2011...