CVE-2011-3208

Related Files

Gentoo Linux Security Advisory 201110-16

Posted Oct 23, 2011

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201110-16 - The Cyrus IMAP Server is affected by multiple vulnerabilities which could potentially lead to the remote execution of arbitrary code or a denial of service. Versions less than 2.4.12 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability, imap

systems | linux, gentoo

advisories | CVE-2009-2632, CVE-2011-3208, CVE-2011-3481

SHA-256 | 1adb16e92a221ed72428ee5be30b3e16bad3de53df09cd8c4f1d076f7af9fee9

Download | Favorite | View

Mandriva Linux Security Advisory 2011-150

Posted Oct 15, 2011

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-150 - Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service or possibly have unspecified other impact via a long line in a response.

tags | advisory, remote, denial of service, overflow

systems | linux, mandriva

advisories | CVE-2011-3208

SHA-256 | 5e0f011b503708fa29fd1e15a76130866cbc07147d7f96216c38d618f2d858f4

Download | Favorite | View

Mandriva Linux Security Advisory 2011-149

Posted Oct 15, 2011

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-149 - Multiple vulnerabilities has been discovered and corrected in cyrus-imapd. Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command. Secunia Research has discovered a vulnerability in Cyrus IMAPd, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error within the authentication mechanism of the NNTP server, which can be exploited to bypass the authentication process and execute commands intended for authenticated users by sending an AUTHINFO USER command without a following AUTHINFO PASS command.

tags | advisory, remote, overflow, arbitrary, vulnerability, imap

systems | linux, mandriva

advisories | CVE-2011-3208, CVE-2011-3372

SHA-256 | 1191292753cdb7c648b6f3c0d5659116f9b45499232eebda2c0efc795d775ec9

Download | Favorite | View

Debian Security Advisory 2318-1.txst

Posted Oct 7, 2011

Authored by Debian | Site debian.org

Debian Linux Security Advisory 2318-1 - Multiple security issues have been discovered in cyrus-imapd, a highly scalable mail system designed for use in enterprise environments.

tags | advisory

systems | linux, debian

advisories | CVE-2011-3372, CVE-2011-3208

SHA-256 | 6aa0ec325a5be815c81bb67feae0cefdc3e2781d9482a41e3105fe41139fed85

Download | Favorite | View

Red Hat Security Advisory 2011-1317-01

Posted Sep 19, 2011

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1317-01 - The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and Sieve support. A buffer overflow flaw was found in the cyrus-imapd NNTP server, nntpd. A remote user able to use the nntpd service could use this flaw to crash the nntpd child process or, possibly, execute arbitrary code with the privileges of the cyrus user.

tags | advisory, remote, overflow, arbitrary, imap

systems | linux, redhat

advisories | CVE-2011-3208

SHA-256 | 08236021a1e725e1e06393ac59be1014c21fe6adaad53673952a5ba86038b8b1

Download | Favorite | View