26 matches found
EUVD-2002-2295
Malware in sbrugna...
Authentication Bypass
cyrus-imapd is vulnerable to authentication bypass. The vulnerability is allows a remote user able to use the nntpd service could use this flaw to read or post newsgroup messages on an NNTP server configured to require user authentication, without providing valid authentication credentials...
Arbitrary Code Execution
cyrus-imapd is vulnerable to arbitrary code execution. A buffer overflow flaw was found in the cyrus-imapd NNTP server, nntpd. A remote user able to use the nntpd service could use this flaw to crash the nntpd child process or, possibly, execute arbitrary code with the privileges of the cyrus use...
openSUSE Security Update : cyrus-imapd (openSUSE-2015-606)
This update provides version 2.4.18 of cyrus-imapd - Security fix: handle urlfetch range starting outside message range - A bunch of cleanups and fixes to compiling - A bunch of sieve cleanups - Enhanced SSL/TLS configuration options - Disable use of SSLv2/SSLv3 - Allow SQL backend for mboxlist a...
openSUSE Security Update : cyrus-imapd (openSUSE-SU-2011:1170-1)
An authentication bypass CVE-2011-3372 and a DoS vulnerability CVE-2011-3481 have been fixed in the Cyrus IMAPd nntpd. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update cyrus-imapd-5240. The tex...
CentOS Update for cyrus-imapd CESA-2011:1317 centos4 x86_64
Check for the Version of cyrus-imapd OpenVAS Vulnerability Test CentOS Update for cyrus-imapd CESA-2011:1317 centos4 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
SuSE 10 Security Update : cyrus-imapd (ZYPP Patch Number 7785)
An authentication bypass CVE-2011-3372 and a DoS vulnerability CVE-2011-3481 have been fixed in the Cyrus IMAPd nntpd. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
Medium: cyrus-imapd
Issue Overview: An authentication bypass flaw was found in the cyrus-imapd NNTP server, nntpd. A remote user able to use the nntpd service could use this flaw to read or post newsgroup messages on an NNTP server configured to require user authentication, without providing valid authentication...
cyrus-imapd security update
2.3.16-6.4 - fix CVE-2011-3481: NULL pointer dereference via crafted References header in email 738391 - fix CVE-2011-3372: nntpd authentication bypass 740822...
Fedora 16 : cyrus-imapd-2.4.12-1.fc16 (2011-13832)
security fix : - fixes incomplete authentication checks in nntpd Secunia SA46093 - other fixed bugs : - delayed delete can fail because of invalid names - cyradm cannot wildcard delete ACLs from a mailbox - Wrong ENABLE result doubled names - mbpath output changed from 2.3 to 2.4 for remote...
Mandriva Linux Security Advisory : cyrus-imapd (MDVSA-2011:149)
Multiple vulnerabilities has been discovered and corrected in cyrus-imapd : Stack-based buffer overflow in the splitwildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command...
Fedora 15 : cyrus-imapd-2.4.12-1.fc15 (2011-13860)
security fix : - fixes incomplete authentication checks in nntpd Secunia SA46093 - other fixed bugs : - delayed delete can fail because of invalid names - cyradm cannot wildcard delete ACLs from a mailbox - Wrong ENABLE result doubled names - mbpath output changed from 2.3 to 2.4 for remote...
Fedora 14 : cyrus-imapd-2.3.18-1.fc14 (2011-13869)
cyrus-imapd updated to 2.3.18 - fixes incomplete authentication checks in nntpd Secunia SA46093 - fix CVE-2011-3208: a remotely exploitable buffer overflow in nntpd Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable...
Important: cyrus-imapd
Issue Overview: The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and Sieve support. A buffer overflow flaw was found in the cyrus-imapd NNTP server, nntpd. A remote user able to use the nntpd service could use this flaw to crash the nntpd child process or,...
Security fix for the ALT Linux 6 package cyrus-imapd version 2.4.12-alt1
Oct. 6, 2011 Vladimir V Kamarzin 2.4.12-alt1 - 2.4.12 fixes CVE-2011-3372, authentication bypass in the nntpd daemon...
Security fix for the ALT Linux 8 package cyrus-imapd version 2.4.12-alt1
Oct. 6, 2011 Vladimir V Kamarzin 2.4.12-alt1 - 2.4.12 fixes CVE-2011-3372, authentication bypass in the nntpd daemon...
cyrus-imapd: nntpd buffer overflow in split_wildmats()
Stack-based buffer overflow in the splitwildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command...
cyrus-imapd security update
2.3.16-6.3 - Resolves: 735391 - CVE-2011-3208 nntpd buffer overflow...
CVE-2011-3208
Stack-based buffer overflow in the splitwildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command...
CVE-2011-3208
Stack-based buffer overflow in the splitwildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command...