All errata/p5/ALT-PU-2013-1239-1
ALT-PU-2013-1239-1

Package update cyrus-imapd in branch p5

Version2.4.12-alt0.M51.1
Task#109884
Published2013-12-04
Max severityHIGH
Severity:

Closed issues (2)

CVE-2011-3208
HIGH7.5

Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command.

Published: 2011-09-14Modified: 2026-04-29
CVSS 2.0HIGH 7.5
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P
References
CVE-2011-3372
HIGH7.5

imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command.

Published: 2011-12-24Modified: 2026-04-29
CVSS 2.0HIGH 7.5
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P
References

Closed bugs (1)

Bug #23002

поддержка авторизации в ldap