CVE-2011-3208
- EPSS 8.29%
- Veröffentlicht 14.09.2011 17:17:07
- Zuletzt bearbeitet 11.04.2025 00:51:21
Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command.
CVE-2011-3481
- EPSS 1.14%
- Veröffentlicht 14.09.2011 17:17:07
- Zuletzt bearbeitet 11.04.2025 00:51:21
The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header...
CVE-2011-1926
- EPSS 4.87%
- Veröffentlicht 23.05.2011 22:55:01
- Zuletzt bearbeitet 11.04.2025 00:51:21
The STARTTLS implementation in Cyrus IMAP Server before 2.4.7 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is ...
CVE-2009-2632
- EPSS 0.13%
- Veröffentlicht 08.09.2009 23:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrar...