← voltar
CVE-2011-3372

CVE-2011-3372

EPSS 3.4%
imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://cyrusimap.org/mediawiki/index.php/Latest_Updateshttp://git.cyrusimap.org/cyrus-imapd/commit/?id=77903669e04c9788460561dd0560b9c916519594https://bugzilla.redhat.com/show_bug.cgi?id=740822http://secunia.com/advisories/46093http://secunia.com/secunia_research/2011-68http://securitytracker.com/id?1026363http://www.debian.org/security/2011/dsa-2318http://www.mandriva.com/security/advisories?name=MDVSA-2011:149http://www.redhat.com/support/errata/RHSA-2011-1508.html