TROYANOSYVIRUS
Zuruck zu CVEs

CVE-2011-3372

N/A

Beschreibung

imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command.

CVE Details

CVSS v3.1 BewertungN/A
Veroffentlicht12/24/2011
Zuletzt geandert4/11/2025
Quellenvd
Honeypot-Sichtungen0

Betroffene Produkte

cyrus:imapd

Schwachen (CWE)

CWE-287

Referenzen

http://cyrusimap.org/mediawiki/index.php/Latest_Updates(secalert@redhat.com)
http://git.cyrusimap.org/cyrus-imapd/commit/?id=77903669e04c9788460561dd0560b9c916519594(secalert@redhat.com)
http://secunia.com/advisories/46093(secalert@redhat.com)
http://secunia.com/secunia_research/2011-68(secalert@redhat.com)
http://securitytracker.com/id?1026363(secalert@redhat.com)
http://www.debian.org/security/2011/dsa-2318(secalert@redhat.com)
http://www.mandriva.com/security/advisories?name=MDVSA-2011:149(secalert@redhat.com)
http://www.redhat.com/support/errata/RHSA-2011-1508.html(secalert@redhat.com)
https://bugzilla.redhat.com/show_bug.cgi?id=740822(secalert@redhat.com)
http://cyrusimap.org/mediawiki/index.php/Latest_Updates(af854a3a-2127-422b-91ae-364da2661108)
http://git.cyrusimap.org/cyrus-imapd/commit/?id=77903669e04c9788460561dd0560b9c916519594(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/46093(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/secunia_research/2011-68(af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1026363(af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2011/dsa-2318(af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDVSA-2011:149(af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2011-1508.html(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=740822(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.