CVE-2011-3208

Published: Sep 14, 2011Modified: Apr 29, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command.

Affected (40)

Products: Cmu: Cyrus Imap Server

1 product

Cyrus Imap Server

Configuration A

29 vulnerable

Vulnerable Software	Affected Versions
Cmu Cyrus Imap Server	Up to 2.3.16
Cmu Cyrus Imap Server	Version 2.0.17
Cmu Cyrus Imap Server	Version 2.1.16
Cmu Cyrus Imap Server	Version 2.1.17
Cmu Cyrus Imap Server	Version 2.1.18
Cmu Cyrus Imap Server	Version 2.2.10
Cmu Cyrus Imap Server	Version 2.2.11
Cmu Cyrus Imap Server	Version 2.2.12
Cmu Cyrus Imap Server	Version 2.2.13
Cmu Cyrus Imap Server	Version 2.2.13p1
Cmu Cyrus Imap Server	Version 2.2.14
Cmu Cyrus Imap Server	Version 2.2.8
Cmu Cyrus Imap Server	Version 2.2.9
Cmu Cyrus Imap Server	Version 2.3.0
Cmu Cyrus Imap Server	Version 2.3.10
Cmu Cyrus Imap Server	Version 2.3.11
Cmu Cyrus Imap Server	Version 2.3.12
Cmu Cyrus Imap Server	Version 2.3.13
Cmu Cyrus Imap Server	Version 2.3.14
Cmu Cyrus Imap Server	Version 2.3.15
Cmu Cyrus Imap Server	Version 2.3.1
Cmu Cyrus Imap Server	Version 2.3.2
Cmu Cyrus Imap Server	Version 2.3.3
Cmu Cyrus Imap Server	Version 2.3.4
Cmu Cyrus Imap Server	Version 2.3.5
Cmu Cyrus Imap Server	Version 2.3.6
Cmu Cyrus Imap Server	Version 2.3.7
Cmu Cyrus Imap Server	Version 2.3.8
Cmu Cyrus Imap Server	Version 2.3.9

Configuration B

11 vulnerable

Vulnerable Software	Affected Versions
Cmu Cyrus Imap Server	Version 2.4.0
Cmu Cyrus Imap Server	Version 2.4.10
Cmu Cyrus Imap Server	Version 2.4.1
Cmu Cyrus Imap Server	Version 2.4.2
Cmu Cyrus Imap Server	Version 2.4.3
Cmu Cyrus Imap Server	Version 2.4.4
Cmu Cyrus Imap Server	Version 2.4.5
Cmu Cyrus Imap Server	Version 2.4.6
Cmu Cyrus Imap Server	Version 2.4.7
Cmu Cyrus Imap Server	Version 2.4.8
Cmu Cyrus Imap Server	Version 2.4.9

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (34)

http://asg.andrew.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce&msg=199

Source: secalert@redhat.com

http://asg.andrew.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce&msg=200

Source: secalert@redhat.com

http://git.cyrusimap.org/cyrus-imapd/commit/?id=0f8f026699829b65733c3081657b24e2174f4f4d

Source: secalert@redhat.com

Patch

http://git.cyrusimap.org/cyrus-imapd/commit/?id=3244c18c928fa331f6927e2b8146abe90feafddd

Source: secalert@redhat.com

Patch

http://lists.opensuse.org/opensuse-updates/2011-09/msg00019.html

Source: secalert@redhat.com

http://secunia.com/advisories/45938

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/45975

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/46064

Source: secalert@redhat.com

Vendor Advisory

http://securitytracker.com/id?1026031

Source: secalert@redhat.com

http://www.debian.org/security/2011/dsa-2318

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDVSA-2011:149

Source: secalert@redhat.com

http://www.osvdb.org/75307

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2011-1317.html

Source: secalert@redhat.com

http://www.securityfocus.com/bid/49534

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=734926

Source: secalert@redhat.com

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/69679

Source: secalert@redhat.com

https://hermes.opensuse.org/messages/11723935

Source: secalert@redhat.com

http://asg.andrew.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce&msg=199

Source: af854a3a-2127-422b-91ae-364da2661108

http://asg.andrew.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce&msg=200

Source: af854a3a-2127-422b-91ae-364da2661108

http://git.cyrusimap.org/cyrus-imapd/commit/?id=0f8f026699829b65733c3081657b24e2174f4f4d

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://git.cyrusimap.org/cyrus-imapd/commit/?id=3244c18c928fa331f6927e2b8146abe90feafddd

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://lists.opensuse.org/opensuse-updates/2011-09/msg00019.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/45938

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/45975

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/46064

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://securitytracker.com/id?1026031

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2011/dsa-2318

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDVSA-2011:149

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/75307

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2011-1317.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/49534

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=734926

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/69679

Source: af854a3a-2127-422b-91ae-364da2661108

https://hermes.opensuse.org/messages/11723935

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.