CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-33582 – cyrus-imapd: Denial of service via string hashing algorithm collisions
https://notcve.org/view.php?id=CVE-2021-33582
01 Sep 2021 — Cyrus IMAP before 3.4.2 allows remote attackers to cause a denial of service (multiple-minute daemon hang) via input that is mishandled during hash-table interaction. Because there are many insertions into a single bucket, strcmp becomes slow. This is fixed in 3.4.2, 3.2.8, and 3.0.16. Cyrus IMAP versiones anteriores a 3.4.2, permite a atacantes remotos causar una denegación de servicio (cuelgue del demonio de varios minutos) por medio de una entrada manejada inapropiadamente durante la interacción de la ta... • https://cyrus.topicbox.com/groups/announce/T3dde0a2352462975-M1386fc44adf967e072f8df13/cyrus-imap-3-4-2-3-2-8-and-3-0-16-released • CWE-400: Uncontrolled Resource Consumption CWE-407: Inefficient Algorithmic Complexity •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-32056
https://notcve.org/view.php?id=CVE-2021-32056
10 May 2021 — Cyrus IMAP before 3.2.7, and 3.3.x and 3.4.x before 3.4.1, allows remote authenticated users to bypass intended access restrictions on server annotations and consequently cause replication to stall. Cyrus IMAP versiones anteriores a 3.2.7, y versiones 3.3.x y versiones 3.4.x anteriores a 3.4.1, permite a usuarios autenticados remotos omitir las restricciones de acceso previstas en las anotaciones del servidor y, en consecuencia, provocar que la replicación se detenga • https://cyrus.topicbox.com/groups/announce/T056901c106ecfce3/cyrus-imap-3-4-1-released • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.5EPSS: 1%CPEs: 37EXPL: 0CVE-2008-5514
https://notcve.org/view.php?id=CVE-2008-5514
23 Dec 2008 — Off-by-one error in the rfc822_output_char function in the RFC822BUFFER routines in the University of Washington (UW) c-client library, as used by the UW IMAP toolkit before imap-2007e and other applications, allows context-dependent attackers to cause a denial of service (crash) via an e-mail message that triggers a buffer overflow. Error de superación de límite en la función rfc822_output_char en las rutinas RFC822BUFFER de las bibliotecas c-client library, de la Universidad de Washinton (UW), como las ut... • http://secunia.com/advisories/33275 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •