CVE-2011-3372

imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://cyrusimap.org/mediawiki/index.php/Latest_Updates
http://git.cyrusimap.org/cyrus-imapd/commit/?id=77903669e04c9788460561dd0560b9c916519594
http://secunia.com/advisories/46093	Vendor Advisory
http://secunia.com/secunia_research/2011-68	Vendor Advisory
http://securitytracker.com/id?1026363
http://www.debian.org/security/2011/dsa-2318
http://www.mandriva.com/security/advisories?name=MDVSA-2011:149
http://www.redhat.com/support/errata/RHSA-2011-1508.html
https://bugzilla.redhat.com/show_bug.cgi?id=740822

Configurations

Configuration 1 (hide)

cpe:2.3:a:cyrus:imapd:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2011-12-24 19:55

Updated : 2011-12-26 05:00

NVD link : CVE-2011-3372

Mitre link : CVE-2011-3372

CVE.ORG link : CVE-2011-3372

JSON object : View

Products Affected

cyrus

imapd

CWE

CWE-287

Improper Authentication

{"id": "CVE-2011-3372", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-12-24T19:55:01.773", "references": [{"url": "http://cyrusimap.org/mediawiki/index.php/Latest_Updates", "source": "secalert@redhat.com"}, {"url": "http://git.cyrusimap.org/cyrus-imapd/commit/?id=77903669e04c9788460561dd0560b9c916519594", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/46093", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/secunia_research/2011-68", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://securitytracker.com/id?1026363", "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2011/dsa-2318", "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:149", "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2011-1508.html", "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=740822", "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command."}, {"lang": "es", "value": "imap/nntpd.c en el servidor NNTP (nntpd) para Cyrus IMAPd v2.4.x anterior a v2.4.12 permite a atacantes remotos eludir la autenticaci\u00f3n enviando un comando AUTHINFO USER sin un comando AUTHINFO PASS adicional"}], "lastModified": "2011-12-26T05:00:00.000", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cyrus:imapd:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CBF26F9-8B11-4428-A03F-2D18EA85FAB0", "versionEndIncluding": "2.4.11"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}