CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-33582 – cyrus-imapd: Denial of service via string hashing algorithm collisions
https://notcve.org/view.php?id=CVE-2021-33582
01 Sep 2021 — Cyrus IMAP before 3.4.2 allows remote attackers to cause a denial of service (multiple-minute daemon hang) via input that is mishandled during hash-table interaction. Because there are many insertions into a single bucket, strcmp becomes slow. This is fixed in 3.4.2, 3.2.8, and 3.0.16. Cyrus IMAP versiones anteriores a 3.4.2, permite a atacantes remotos causar una denegación de servicio (cuelgue del demonio de varios minutos) por medio de una entrada manejada inapropiadamente durante la interacción de la ta... • https://cyrus.topicbox.com/groups/announce/T3dde0a2352462975-M1386fc44adf967e072f8df13/cyrus-imap-3-4-2-3-2-8-and-3-0-16-released • CWE-400: Uncontrolled Resource Consumption CWE-407: Inefficient Algorithmic Complexity •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-32056
https://notcve.org/view.php?id=CVE-2021-32056
10 May 2021 — Cyrus IMAP before 3.2.7, and 3.3.x and 3.4.x before 3.4.1, allows remote authenticated users to bypass intended access restrictions on server annotations and consequently cause replication to stall. Cyrus IMAP versiones anteriores a 3.2.7, y versiones 3.3.x y versiones 3.4.x anteriores a 3.4.1, permite a usuarios autenticados remotos omitir las restricciones de acceso previstas en las anotaciones del servidor y, en consecuencia, provocar que la replicación se detenga • https://cyrus.topicbox.com/groups/announce/T056901c106ecfce3/cyrus-imap-3-4-1-released • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2019-19783 – cyrus-imapd: lmtpd component created mailboxes with administrator privileges if the "fileinto" was used, bypassing ACL checks
https://notcve.org/view.php?id=CVE-2019-19783
16 Dec 2019 — An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8. If sieve script uploading is allowed (3.x) or certain non-default sieve options are enabled (2.x), a user with a mail account on the service can use a sieve script containing a fileinto directive to create any mailbox with administrator privileges, because of folder mishandling in autosieve_createfolder() in imap/lmtp_sieve.c. Se detectó un problema en Cyrus IMAP versiones anteriores a 2.5.15, versiones 3.0.x ... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DIV4HQ6LG5GPRO4B5Z2NHCZUPBUVVVF • CWE-269: Improper Privilege Management CWE-287: Improper Authentication •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2019-18928 – cyrus-imapd: privilege escalation in HTTP request
https://notcve.org/view.php?id=CVE-2019-18928
15 Nov 2019 — Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived over the same connection. Cyrus IMAP versiones 2.5.x anteriores a la versión 2.5.14 y versiones 3.x anteriores a la versión 3.0.12, permite una escalada de privilegios porque una petición HTTP puede ser interpretada en el contexto de autenticación de una petición anterior no relacionada que llegó por medio de l... • https://lists.debian.org/debian-lts-announce/2022/06/msg00013.html • CWE-287: Improper Authentication •
CVSS: 9.8EPSS: 18%CPEs: 14EXPL: 0CVE-2019-11356 – cyrus-imapd: buffer overflow in CalDAV request handling triggered by a long iCalendar property name
https://notcve.org/view.php?id=CVE-2019-11356
03 Jun 2019 — The CalDAV feature in httpd in Cyrus IMAP 2.5.x through 2.5.12 and 3.0.x through 3.0.9 allows remote attackers to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name. La función CalDAV en httpd en Cyrus IMAP 2.5.x a 2.5.12 y 3.0.x a 3.0.9 permite a los atacantes remotos ejecutar código arbitrario a través de una operación HTTP PUT diseñada para un evento con un nombre de propiedad largo de iCalendar. A flaw was found in the CalDAV feature in httpd in Cyru... • https://access.redhat.com/errata/RHSA-2019:1771 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14230
https://notcve.org/view.php?id=CVE-2017-14230
10 Sep 2017 — In the mboxlist_do_find function in imap/mboxlist.c in Cyrus IMAP before 3.0.4, an off-by-one error in prefix calculation for the LIST command caused use of uninitialized memory, which might allow remote attackers to obtain sensitive information or cause a denial of service (daemon crash) via a 'LIST "" "Other Users"' command. En la función mboxlist_do_find en imap/mboxlist.c en Cyrus IMAP en versiones anteriores a la 3.0.4, un error por un paso (off-by-one) en el cálculo de prefijos para el comando LIST pr... • https://github.com/cyrusimap/cyrus-imapd/commit/6bd33275368edfa71ae117de895488584678ac79 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 2%CPEs: 43EXPL: 0CVE-2015-8076
https://notcve.org/view.php?id=CVE-2015-8076
03 Dec 2015 — The index_urlfetch function in index.c in Cyrus IMAP 2.3.x before 2.3.19, 2.4.x before 2.4.18, 2.5.x before 2.5.4 allows remote attackers to obtain sensitive information or possibly have unspecified other impact via vectors related to the urlfetch range, which triggers an out-of-bounds heap read. La función index_urlfetch en index.c en Cyrus IMAP 2.3.x en versiones anteriores a 2.3.19, 2.4.x en versiones anteriores a 2.4.18, 2.5.x en versiones anteriores a 2.5.4 permite a atacantes remotos obtener informaci... • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 3%CPEs: 43EXPL: 0CVE-2015-8077
https://notcve.org/view.php?id=CVE-2015-8077
03 Dec 2015 — Integer overflow in the index_urlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attackers to have unspecified impact via vectors related to urlfetch range checks and the start_octet variable. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8076. Desbordamiento de entero en la función index_urlfetch en imap/index.c en Cyrus IMAP 2.3.19, 2.4.18 y 2.5.6 permite a atacantes remotos tener un impacto no especificado a través de vectores relacionados ... • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 0%CPEs: 43EXPL: 0CVE-2015-8078
https://notcve.org/view.php?id=CVE-2015-8078
03 Dec 2015 — Integer overflow in the index_urlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attackers to have unspecified impact via vectors related to urlfetch range checks and the section_offset variable. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8076. Desbordamiento de entero en la función index_urlfetch en imap/index.c en Cyrus IMAP 2.3.19, 2.4.18 y 2.5.6 permite a atacantes remotos tener un impacto no especificado a través de vectores relacionad... • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 1%CPEs: 37EXPL: 0CVE-2008-5514
https://notcve.org/view.php?id=CVE-2008-5514
23 Dec 2008 — Off-by-one error in the rfc822_output_char function in the RFC822BUFFER routines in the University of Washington (UW) c-client library, as used by the UW IMAP toolkit before imap-2007e and other applications, allows context-dependent attackers to cause a denial of service (crash) via an e-mail message that triggers a buffer overflow. Error de superación de límite en la función rfc822_output_char en las rutinas RFC822BUFFER de las bibliotecas c-client library, de la Universidad de Washinton (UW), como las ut... • http://secunia.com/advisories/33275 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •