Vulnerabilities > CVE-2011-3481 - Unspecified vulnerability in CMU Cyrus Imap Server
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message. Per: http://cwe.mitre.org/data/definitions/476.html 'CWE-476: NULL Pointer Dereference'
Vulnerable Configurations
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_CYRUS-IMAPD-7785.NASL description An authentication bypass (CVE-2011-3372) and a DoS vulnerability (CVE-2011-3481) have been fixed in the Cyrus IMAPd nntpd. last seen 2020-06-01 modified 2020-06-02 plugin id 57176 published 2011-12-13 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/57176 title SuSE 10 Security Update : cyrus-imapd (ZYPP Patch Number 7785) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(57176); script_version ("1.5"); script_cvs_date("Date: 2019/10/25 13:36:43"); script_cve_id("CVE-2011-3372", "CVE-2011-3481"); script_name(english:"SuSE 10 Security Update : cyrus-imapd (ZYPP Patch Number 7785)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 10 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "An authentication bypass (CVE-2011-3372) and a DoS vulnerability (CVE-2011-3481) have been fixed in the Cyrus IMAPd nntpd." ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-3372.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-3481.html" ); script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 7785."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2011/10/05"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/12/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SLES10", sp:4, reference:"cyrus-imapd-2.2.12-27.30.1")) flag++; if (rpm_check(release:"SLES10", sp:4, reference:"cyrus-imapd-devel-2.2.12-27.30.1")) flag++; if (rpm_check(release:"SLES10", sp:4, reference:"perl-Cyrus-IMAP-2.2.12-27.30.1")) flag++; if (rpm_check(release:"SLES10", sp:4, reference:"perl-Cyrus-SIEVE-managesieve-2.2.12-27.30.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else exit(0, "The host is not affected.");NASL family Scientific Linux Local Security Checks NASL id SL_20111201_CYRUS_IMAPD_ON_SL4_X.NASL description The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and Sieve support. An authentication bypass flaw was found in the cyrus-imapd NNTP server, nntpd. A remote user able to use the nntpd service could use this flaw to read or post newsgroup messages on an NNTP server configured to require user authentication, without providing valid authentication credentials. (CVE-2011-3372) A NULL pointer dereference flaw was found in the cyrus-imapd IMAP server, imapd. A remote attacker could send a specially crafted mail message to a victim that would possibly prevent them from accessing their mail normally, if they were using an IMAP client that relies on the server threading IMAP feature. (CVE-2011-3481) Users of cyrus-imapd are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the update, cyrus-imapd will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 61182 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/61182 title Scientific Linux Security Update : cyrus-imapd on SL4.x, SL5.x, SL6.x i386/x86_64 code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text is (C) Scientific Linux. # include("compat.inc"); if (description) { script_id(61182); script_version("1.5"); script_cvs_date("Date: 2019/10/25 13:36:20"); script_cve_id("CVE-2011-3372", "CVE-2011-3481"); script_name(english:"Scientific Linux Security Update : cyrus-imapd on SL4.x, SL5.x, SL6.x i386/x86_64"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Scientific Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and Sieve support. An authentication bypass flaw was found in the cyrus-imapd NNTP server, nntpd. A remote user able to use the nntpd service could use this flaw to read or post newsgroup messages on an NNTP server configured to require user authentication, without providing valid authentication credentials. (CVE-2011-3372) A NULL pointer dereference flaw was found in the cyrus-imapd IMAP server, imapd. A remote attacker could send a specially crafted mail message to a victim that would possibly prevent them from accessing their mail normally, if they were using an IMAP client that relies on the server threading IMAP feature. (CVE-2011-3481) Users of cyrus-imapd are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the update, cyrus-imapd will be restarted automatically." ); # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1112&L=scientific-linux-errata&T=0&P=79 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?816d6cb4" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2011/12/01"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Scientific Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux"); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu); flag = 0; if (rpm_check(release:"SL4", reference:"cyrus-imapd-2.2.12-17.el4")) flag++; if (rpm_check(release:"SL4", reference:"cyrus-imapd-debuginfo-2.2.12-17.el4")) flag++; if (rpm_check(release:"SL4", reference:"cyrus-imapd-devel-2.2.12-17.el4")) flag++; if (rpm_check(release:"SL4", reference:"cyrus-imapd-murder-2.2.12-17.el4")) flag++; if (rpm_check(release:"SL4", reference:"cyrus-imapd-nntp-2.2.12-17.el4")) flag++; if (rpm_check(release:"SL4", reference:"cyrus-imapd-utils-2.2.12-17.el4")) flag++; if (rpm_check(release:"SL4", reference:"perl-Cyrus-2.2.12-17.el4")) flag++; if (rpm_check(release:"SL5", reference:"cyrus-imapd-2.3.7-12.el5_7.2")) flag++; if (rpm_check(release:"SL5", reference:"cyrus-imapd-debuginfo-2.3.7-12.el5_7.2")) flag++; if (rpm_check(release:"SL5", reference:"cyrus-imapd-devel-2.3.7-12.el5_7.2")) flag++; if (rpm_check(release:"SL5", reference:"cyrus-imapd-perl-2.3.7-12.el5_7.2")) flag++; if (rpm_check(release:"SL5", reference:"cyrus-imapd-utils-2.3.7-12.el5_7.2")) flag++; if (rpm_check(release:"SL6", reference:"cyrus-imapd-2.3.16-6.el6_1.4")) flag++; if (rpm_check(release:"SL6", reference:"cyrus-imapd-debuginfo-2.3.16-6.el6_1.4")) flag++; if (rpm_check(release:"SL6", reference:"cyrus-imapd-devel-2.3.16-6.el6_1.4")) flag++; if (rpm_check(release:"SL6", reference:"cyrus-imapd-utils-2.3.16-6.el6_1.4")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2011-27.NASL description An authentication bypass flaw was found in the cyrus-imapd NNTP server, nntpd. A remote user able to use the nntpd service could use this flaw to read or post newsgroup messages on an NNTP server configured to require user authentication, without providing valid authentication credentials. (CVE-2011-3372) A NULL pointer dereference flaw was found in the cyrus-imapd IMAP server, imapd. A remote attacker could send a specially crafted mail message to a victim that would possibly prevent them from accessing their mail normally, if they were using an IMAP client that relies on the server threading IMAP feature. (CVE-2011-3481) last seen 2020-06-01 modified 2020-06-02 plugin id 69586 published 2013-09-04 reporter This script is Copyright (C) 2013-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/69586 title Amazon Linux AMI : cyrus-imapd (ALAS-2011-27) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Amazon Linux AMI Security Advisory ALAS-2011-27. # include("compat.inc"); if (description) { script_id(69586); script_version("1.6"); script_cvs_date("Date: 2018/04/18 15:09:34"); script_cve_id("CVE-2011-3372", "CVE-2011-3481"); script_xref(name:"ALAS", value:"2011-27"); script_xref(name:"RHSA", value:"2011:1508"); script_name(english:"Amazon Linux AMI : cyrus-imapd (ALAS-2011-27)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Amazon Linux AMI host is missing a security update." ); script_set_attribute( attribute:"description", value: "An authentication bypass flaw was found in the cyrus-imapd NNTP server, nntpd. A remote user able to use the nntpd service could use this flaw to read or post newsgroup messages on an NNTP server configured to require user authentication, without providing valid authentication credentials. (CVE-2011-3372) A NULL pointer dereference flaw was found in the cyrus-imapd IMAP server, imapd. A remote attacker could send a specially crafted mail message to a victim that would possibly prevent them from accessing their mail normally, if they were using an IMAP client that relies on the server threading IMAP feature. (CVE-2011-3481)" ); script_set_attribute( attribute:"see_also", value:"https://alas.aws.amazon.com/ALAS-2011-27.html" ); script_set_attribute( attribute:"solution", value:"Run 'yum update cyrus-imapd' to update your system." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:cyrus-imapd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:cyrus-imapd-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:cyrus-imapd-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:cyrus-imapd-utils"); script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2011/12/09"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/09/04"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc."); script_family(english:"Amazon Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/AmazonLinux/release"); if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux"); os_ver = pregmatch(pattern: "^AL(A|\d)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux"); os_ver = os_ver[1]; if (os_ver != "A") { if (os_ver == 'A') os_ver = 'AMI'; audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver); } if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (rpm_check(release:"ALA", reference:"cyrus-imapd-2.3.16-6.5.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"cyrus-imapd-debuginfo-2.3.16-6.5.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"cyrus-imapd-devel-2.3.16-6.5.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"cyrus-imapd-utils-2.3.16-6.5.amzn1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "cyrus-imapd / cyrus-imapd-debuginfo / cyrus-imapd-devel / etc"); }NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2377.NASL description It was discovered that cyrus-imapd, a highly scalable mail system designed for use in enterprise environments, is not properly parsing mail headers when a client makes use of the IMAP threading feature. As a result, a NULL pointer is dereferenced which crashes the daemon. An attacker can trigger this by sending a mail containing crafted reference headers and access the mail with a client that uses the server threading feature of IMAP. last seen 2020-03-17 modified 2012-01-12 plugin id 57517 published 2012-01-12 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/57517 title Debian DSA-2377-1 : cyrus-imapd-2.2 - NULL pointer dereference code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-2377. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(57517); script_version("1.7"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2011-3481"); script_bugtraq_id(49659); script_xref(name:"DSA", value:"2377"); script_name(english:"Debian DSA-2377-1 : cyrus-imapd-2.2 - NULL pointer dereference"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "It was discovered that cyrus-imapd, a highly scalable mail system designed for use in enterprise environments, is not properly parsing mail headers when a client makes use of the IMAP threading feature. As a result, a NULL pointer is dereferenced which crashes the daemon. An attacker can trigger this by sending a mail containing crafted reference headers and access the mail with a client that uses the server threading feature of IMAP." ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/squeeze/cyrus-imapd-2.2" ); script_set_attribute( attribute:"see_also", value:"https://www.debian.org/security/2012/dsa-2377" ); script_set_attribute( attribute:"solution", value: "Upgrade the cyrus-imapd-2.2 packages. For the oldstable distribution (lenny), this problem has been fixed in version 2.2.13-14+lenny6. For the stable distribution (squeeze), this problem has been fixed in version 2.2.13-19+squeeze3." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:cyrus-imapd-2.2"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:5.0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0"); script_set_attribute(attribute:"patch_publication_date", value:"2012/01/01"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/01/12"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"5.0", prefix:"cyrus-imapd-2.2", reference:"2.2.13-14+lenny6")) flag++; if (deb_check(release:"6.0", prefix:"cyrus-admin-2.2", reference:"2.2.13-19+squeeze3")) flag++; if (deb_check(release:"6.0", prefix:"cyrus-clients-2.2", reference:"2.2.13-19+squeeze3")) flag++; if (deb_check(release:"6.0", prefix:"cyrus-common-2.2", reference:"2.2.13-19+squeeze3")) flag++; if (deb_check(release:"6.0", prefix:"cyrus-dev-2.2", reference:"2.2.13-19+squeeze3")) flag++; if (deb_check(release:"6.0", prefix:"cyrus-doc-2.2", reference:"2.2.13-19+squeeze3")) flag++; if (deb_check(release:"6.0", prefix:"cyrus-imapd-2.2", reference:"2.2.13-19+squeeze3")) flag++; if (deb_check(release:"6.0", prefix:"cyrus-murder-2.2", reference:"2.2.13-19+squeeze3")) flag++; if (deb_check(release:"6.0", prefix:"cyrus-nntpd-2.2", reference:"2.2.13-19+squeeze3")) flag++; if (deb_check(release:"6.0", prefix:"cyrus-pop3d-2.2", reference:"2.2.13-19+squeeze3")) flag++; if (deb_check(release:"6.0", prefix:"libcyrus-imap-perl22", reference:"2.2.13-19+squeeze3")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2012-037.NASL description A vulnerability has been found and corrected in cyrus-imapd : The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message (CVE-2011-3481). The updated packages have been patched to correct this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 58476 published 2012-03-26 reporter This script is Copyright (C) 2012-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/58476 title Mandriva Linux Security Advisory : cyrus-imapd (MDVSA-2012:037) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandriva Linux Security Advisory MDVSA-2012:037. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(58476); script_version("1.7"); script_cvs_date("Date: 2019/08/02 13:32:54"); script_cve_id("CVE-2011-3481"); script_bugtraq_id(49659); script_xref(name:"MDVSA", value:"2012:037"); script_name(english:"Mandriva Linux Security Advisory : cyrus-imapd (MDVSA-2012:037)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandriva Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "A vulnerability has been found and corrected in cyrus-imapd : The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message (CVE-2011-3481). The updated packages have been patched to correct this issue." ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:cyrus-imapd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:cyrus-imapd-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:cyrus-imapd-murder"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:cyrus-imapd-nntp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:cyrus-imapd-utils"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:perl-Cyrus"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2010.1"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2011"); script_set_attribute(attribute:"patch_publication_date", value:"2012/03/23"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/03/26"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK2010.1", reference:"cyrus-imapd-2.3.15-10.4mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"cyrus-imapd-devel-2.3.15-10.4mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"cyrus-imapd-murder-2.3.15-10.4mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"cyrus-imapd-nntp-2.3.15-10.4mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"cyrus-imapd-utils-2.3.15-10.4mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"perl-Cyrus-2.3.15-10.4mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2011", reference:"cyrus-imapd-2.3.16-7.2-mdv2011.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2011", reference:"cyrus-imapd-devel-2.3.16-7.2-mdv2011.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2011", reference:"cyrus-imapd-murder-2.3.16-7.2-mdv2011.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2011", reference:"cyrus-imapd-nntp-2.3.16-7.2-mdv2011.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2011", reference:"cyrus-imapd-utils-2.3.16-7.2-mdv2011.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2011", reference:"perl-Cyrus-2.3.16-7.2-mdv2011.0", yank:"mdv")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family SuSE Local Security Checks NASL id SUSE_11_3_CYRUS-IMAPD-111005.NASL description An authentication bypass (CVE-2011-3372) and a DoS vulnerability (CVE-2011-3481) have been fixed in the Cyrus IMAPd nntpd. last seen 2020-06-01 modified 2020-06-02 plugin id 75459 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75459 title openSUSE Security Update : cyrus-imapd (openSUSE-SU-2011:1170-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update cyrus-imapd-5240. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(75459); script_version("1.5"); script_cvs_date("Date: 2019/10/25 13:36:41"); script_cve_id("CVE-2011-3372", "CVE-2011-3481"); script_name(english:"openSUSE Security Update : cyrus-imapd (openSUSE-SU-2011:1170-1)"); script_summary(english:"Check for the cyrus-imapd-5240 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "An authentication bypass (CVE-2011-3372) and a DoS vulnerability (CVE-2011-3481) have been fixed in the Cyrus IMAPd nntpd." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=719998" ); script_set_attribute( attribute:"see_also", value:"https://lists.opensuse.org/opensuse-updates/2011-10/msg00026.html" ); script_set_attribute( attribute:"solution", value:"Update the affected cyrus-imapd packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-imapd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-imapd-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-Cyrus-IMAP"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-Cyrus-SIEVE-managesieve"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.3"); script_set_attribute(attribute:"patch_publication_date", value:"2011/10/05"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.3", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.3", reference:"cyrus-imapd-2.3.16-8.9.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"cyrus-imapd-devel-2.3.16-8.9.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"perl-Cyrus-IMAP-2.3.16-8.9.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"perl-Cyrus-SIEVE-managesieve-2.3.16-8.9.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "cyrus-imapd / cyrus-imapd-devel / perl-Cyrus-IMAP / etc"); }NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2011-1508.NASL description Updated cyrus-imapd packages that fix two security issues are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and Sieve support. An authentication bypass flaw was found in the cyrus-imapd NNTP server, nntpd. A remote user able to use the nntpd service could use this flaw to read or post newsgroup messages on an NNTP server configured to require user authentication, without providing valid authentication credentials. (CVE-2011-3372) A NULL pointer dereference flaw was found in the cyrus-imapd IMAP server, imapd. A remote attacker could send a specially crafted mail message to a victim that would possibly prevent them from accessing their mail normally, if they were using an IMAP client that relies on the server threading IMAP feature. (CVE-2011-3481) Red Hat would like to thank the Cyrus IMAP project for reporting the CVE-2011-3372 issue. Upstream acknowledges Stefan Cornelius of Secunia Research as the original reporter of CVE-2011-3372. Users of cyrus-imapd are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the update, cyrus-imapd will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 56985 published 2011-12-02 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/56985 title CentOS 4 / 5 : cyrus-imapd (CESA-2011:1508) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2011:1508 and # CentOS Errata and Security Advisory 2011:1508 respectively. # include("compat.inc"); if (description) { script_id(56985); script_version("1.12"); script_cvs_date("Date: 2019/10/25 13:36:06"); script_cve_id("CVE-2011-3372", "CVE-2011-3481"); script_bugtraq_id(49659, 49949); script_xref(name:"RHSA", value:"2011:1508"); script_name(english:"CentOS 4 / 5 : cyrus-imapd (CESA-2011:1508)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote CentOS host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated cyrus-imapd packages that fix two security issues are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and Sieve support. An authentication bypass flaw was found in the cyrus-imapd NNTP server, nntpd. A remote user able to use the nntpd service could use this flaw to read or post newsgroup messages on an NNTP server configured to require user authentication, without providing valid authentication credentials. (CVE-2011-3372) A NULL pointer dereference flaw was found in the cyrus-imapd IMAP server, imapd. A remote attacker could send a specially crafted mail message to a victim that would possibly prevent them from accessing their mail normally, if they were using an IMAP client that relies on the server threading IMAP feature. (CVE-2011-3481) Red Hat would like to thank the Cyrus IMAP project for reporting the CVE-2011-3372 issue. Upstream acknowledges Stefan Cornelius of Secunia Research as the original reporter of CVE-2011-3372. Users of cyrus-imapd are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the update, cyrus-imapd will be restarted automatically." ); # https://lists.centos.org/pipermail/centos-announce/2011-December/018281.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?1ec45129" ); # https://lists.centos.org/pipermail/centos-announce/2011-December/018282.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?dee0a792" ); # https://lists.centos.org/pipermail/centos-announce/2011-December/018283.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?1fb280c5" ); # https://lists.centos.org/pipermail/centos-announce/2011-December/018284.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?68ac20bc" ); script_set_attribute( attribute:"solution", value:"Update the affected cyrus-imapd packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:cyrus-imapd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:cyrus-imapd-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:cyrus-imapd-murder"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:cyrus-imapd-nntp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:cyrus-imapd-perl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:cyrus-imapd-utils"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Cyrus"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:4"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:5"); script_set_attribute(attribute:"vuln_publication_date", value:"2011/09/14"); script_set_attribute(attribute:"patch_publication_date", value:"2011/12/01"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/12/02"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"CentOS Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/CentOS/release"); if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS"); os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS"); os_ver = os_ver[1]; if (! preg(pattern:"^(4|5)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 4.x / 5.x", "CentOS " + os_ver); if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu); flag = 0; if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"cyrus-imapd-2.2.12-17.el4")) flag++; if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"cyrus-imapd-2.2.12-17.el4")) flag++; if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"cyrus-imapd-devel-2.2.12-17.el4")) flag++; if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"cyrus-imapd-devel-2.2.12-17.el4")) flag++; if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"cyrus-imapd-murder-2.2.12-17.el4")) flag++; if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"cyrus-imapd-murder-2.2.12-17.el4")) flag++; if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"cyrus-imapd-nntp-2.2.12-17.el4")) flag++; if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"cyrus-imapd-nntp-2.2.12-17.el4")) flag++; if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"cyrus-imapd-utils-2.2.12-17.el4")) flag++; if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"cyrus-imapd-utils-2.2.12-17.el4")) flag++; if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"perl-Cyrus-2.2.12-17.el4")) flag++; if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"perl-Cyrus-2.2.12-17.el4")) flag++; if (rpm_check(release:"CentOS-5", reference:"cyrus-imapd-2.3.7-12.el5_7.2")) flag++; if (rpm_check(release:"CentOS-5", reference:"cyrus-imapd-devel-2.3.7-12.el5_7.2")) flag++; if (rpm_check(release:"CentOS-5", reference:"cyrus-imapd-perl-2.3.7-12.el5_7.2")) flag++; if (rpm_check(release:"CentOS-5", reference:"cyrus-imapd-utils-2.3.7-12.el5_7.2")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "cyrus-imapd / cyrus-imapd-devel / cyrus-imapd-murder / etc"); }NASL family SuSE Local Security Checks NASL id SUSE_CYRUS-IMAPD-7786.NASL description An authentication bypass (CVE-2011-3372) and a DoS vulnerability (CVE-2011-3481) have been fixed in the Cyrus IMAPd nntpd. last seen 2020-06-01 modified 2020-06-02 plugin id 56605 published 2011-10-24 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/56605 title SuSE 10 Security Update : cyrus-imapd (ZYPP Patch Number 7786) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(56605); script_version ("1.7"); script_cvs_date("Date: 2019/10/25 13:36:43"); script_cve_id("CVE-2011-3372", "CVE-2011-3481"); script_name(english:"SuSE 10 Security Update : cyrus-imapd (ZYPP Patch Number 7786)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 10 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "An authentication bypass (CVE-2011-3372) and a DoS vulnerability (CVE-2011-3481) have been fixed in the Cyrus IMAPd nntpd." ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-3372.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-3481.html" ); script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 7786."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2011/10/05"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/10/24"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SLES10", sp:3, reference:"cyrus-imapd-2.2.12-27.16.32.2")) flag++; if (rpm_check(release:"SLES10", sp:3, reference:"cyrus-imapd-devel-2.2.12-27.16.32.2")) flag++; if (rpm_check(release:"SLES10", sp:3, reference:"perl-Cyrus-IMAP-2.2.12-27.16.32.2")) flag++; if (rpm_check(release:"SLES10", sp:3, reference:"perl-Cyrus-SIEVE-managesieve-2.2.12-27.16.32.2")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else exit(0, "The host is not affected.");NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2011-1508.NASL description From Red Hat Security Advisory 2011:1508 : Updated cyrus-imapd packages that fix two security issues are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and Sieve support. An authentication bypass flaw was found in the cyrus-imapd NNTP server, nntpd. A remote user able to use the nntpd service could use this flaw to read or post newsgroup messages on an NNTP server configured to require user authentication, without providing valid authentication credentials. (CVE-2011-3372) A NULL pointer dereference flaw was found in the cyrus-imapd IMAP server, imapd. A remote attacker could send a specially crafted mail message to a victim that would possibly prevent them from accessing their mail normally, if they were using an IMAP client that relies on the server threading IMAP feature. (CVE-2011-3481) Red Hat would like to thank the Cyrus IMAP project for reporting the CVE-2011-3372 issue. Upstream acknowledges Stefan Cornelius of Secunia Research as the original reporter of CVE-2011-3372. Users of cyrus-imapd are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the update, cyrus-imapd will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 68397 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68397 title Oracle Linux 4 / 5 / 6 : cyrus-imapd (ELSA-2011-1508) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2011:1508 and # Oracle Linux Security Advisory ELSA-2011-1508 respectively. # include("compat.inc"); if (description) { script_id(68397); script_version("1.9"); script_cvs_date("Date: 2019/10/25 13:36:09"); script_cve_id("CVE-2011-3372", "CVE-2011-3481"); script_bugtraq_id(49659, 49949); script_xref(name:"RHSA", value:"2011:1508"); script_name(english:"Oracle Linux 4 / 5 / 6 : cyrus-imapd (ELSA-2011-1508)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Oracle Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "From Red Hat Security Advisory 2011:1508 : Updated cyrus-imapd packages that fix two security issues are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and Sieve support. An authentication bypass flaw was found in the cyrus-imapd NNTP server, nntpd. A remote user able to use the nntpd service could use this flaw to read or post newsgroup messages on an NNTP server configured to require user authentication, without providing valid authentication credentials. (CVE-2011-3372) A NULL pointer dereference flaw was found in the cyrus-imapd IMAP server, imapd. A remote attacker could send a specially crafted mail message to a victim that would possibly prevent them from accessing their mail normally, if they were using an IMAP client that relies on the server threading IMAP feature. (CVE-2011-3481) Red Hat would like to thank the Cyrus IMAP project for reporting the CVE-2011-3372 issue. Upstream acknowledges Stefan Cornelius of Secunia Research as the original reporter of CVE-2011-3372. Users of cyrus-imapd are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the update, cyrus-imapd will be restarted automatically." ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2011-December/002490.html" ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2011-December/002491.html" ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2011-December/002492.html" ); script_set_attribute( attribute:"solution", value:"Update the affected cyrus-imapd packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:cyrus-imapd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:cyrus-imapd-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:cyrus-imapd-murder"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:cyrus-imapd-nntp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:cyrus-imapd-perl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:cyrus-imapd-utils"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-Cyrus"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:4"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:5"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:6"); script_set_attribute(attribute:"vuln_publication_date", value:"2011/09/14"); script_set_attribute(attribute:"patch_publication_date", value:"2011/12/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/12"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Oracle Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux"); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux"); os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^(4|5|6)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 4 / 5 / 6", "Oracle Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu); flag = 0; if (rpm_check(release:"EL4", reference:"cyrus-imapd-2.2.12-17.0.1.el4")) flag++; if (rpm_check(release:"EL4", reference:"cyrus-imapd-devel-2.2.12-17.0.1.el4")) flag++; if (rpm_check(release:"EL4", reference:"cyrus-imapd-murder-2.2.12-17.0.1.el4")) flag++; if (rpm_check(release:"EL4", reference:"cyrus-imapd-nntp-2.2.12-17.0.1.el4")) flag++; if (rpm_check(release:"EL4", reference:"cyrus-imapd-utils-2.2.12-17.0.1.el4")) flag++; if (rpm_check(release:"EL4", reference:"perl-Cyrus-2.2.12-17.0.1.el4")) flag++; if (rpm_check(release:"EL5", reference:"cyrus-imapd-2.3.7-12.0.1.el5_7.2")) flag++; if (rpm_check(release:"EL5", reference:"cyrus-imapd-devel-2.3.7-12.0.1.el5_7.2")) flag++; if (rpm_check(release:"EL5", reference:"cyrus-imapd-perl-2.3.7-12.0.1.el5_7.2")) flag++; if (rpm_check(release:"EL5", reference:"cyrus-imapd-utils-2.3.7-12.0.1.el5_7.2")) flag++; if (rpm_check(release:"EL6", reference:"cyrus-imapd-2.3.16-6.el6_1.4")) flag++; if (rpm_check(release:"EL6", reference:"cyrus-imapd-devel-2.3.16-6.el6_1.4")) flag++; if (rpm_check(release:"EL6", reference:"cyrus-imapd-utils-2.3.16-6.el6_1.4")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "cyrus-imapd / cyrus-imapd-devel / cyrus-imapd-murder / etc"); }NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201110-16.NASL description The remote host is affected by the vulnerability described in GLSA-201110-16 (Cyrus IMAP Server: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in the Cyrus IMAP Server. Please review the CVE identifiers referenced below for details. Impact : An unauthenticated local or remote attacker may be able to execute arbitrary code with the privileges of the Cyrus IMAP Server process or cause a Denial of Service. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 56591 published 2011-10-24 reporter This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/56591 title GLSA-201110-16 : Cyrus IMAP Server: Multiple vulnerabilities code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201110-16. # # The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(56591); script_version("1.7"); script_cvs_date("Date: 2018/07/11 17:09:26"); script_cve_id("CVE-2009-2632", "CVE-2011-3208", "CVE-2011-3481"); script_bugtraq_id(36296, 36377, 49534, 49659); script_xref(name:"GLSA", value:"201110-16"); script_name(english:"GLSA-201110-16 : Cyrus IMAP Server: Multiple vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201110-16 (Cyrus IMAP Server: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in the Cyrus IMAP Server. Please review the CVE identifiers referenced below for details. Impact : An unauthenticated local or remote attacker may be able to execute arbitrary code with the privileges of the Cyrus IMAP Server process or cause a Denial of Service. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201110-16" ); script_set_attribute( attribute:"solution", value: "All Cyrus IMAP Server users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-mail/cyrus-imapd-2.4.12'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(119); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:cyrus-imapd"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2011/10/22"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/10/24"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"net-mail/cyrus-imapd", unaffected:make_list("ge 2.4.12"), vulnerable:make_list("lt 2.4.12"))) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get()); else security_hole(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Cyrus IMAP Server"); }NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2011-1508.NASL description Updated cyrus-imapd packages that fix two security issues are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and Sieve support. An authentication bypass flaw was found in the cyrus-imapd NNTP server, nntpd. A remote user able to use the nntpd service could use this flaw to read or post newsgroup messages on an NNTP server configured to require user authentication, without providing valid authentication credentials. (CVE-2011-3372) A NULL pointer dereference flaw was found in the cyrus-imapd IMAP server, imapd. A remote attacker could send a specially crafted mail message to a victim that would possibly prevent them from accessing their mail normally, if they were using an IMAP client that relies on the server threading IMAP feature. (CVE-2011-3481) Red Hat would like to thank the Cyrus IMAP project for reporting the CVE-2011-3372 issue. Upstream acknowledges Stefan Cornelius of Secunia Research as the original reporter of CVE-2011-3372. Users of cyrus-imapd are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the update, cyrus-imapd will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 56991 published 2011-12-02 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/56991 title RHEL 4 / 5 / 6 : cyrus-imapd (RHSA-2011:1508) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2011:1508. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(56991); script_version ("1.18"); script_cvs_date("Date: 2019/10/25 13:36:16"); script_cve_id("CVE-2011-3372", "CVE-2011-3481"); script_bugtraq_id(49659, 49949); script_xref(name:"RHSA", value:"2011:1508"); script_name(english:"RHEL 4 / 5 / 6 : cyrus-imapd (RHSA-2011:1508)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated cyrus-imapd packages that fix two security issues are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and Sieve support. An authentication bypass flaw was found in the cyrus-imapd NNTP server, nntpd. A remote user able to use the nntpd service could use this flaw to read or post newsgroup messages on an NNTP server configured to require user authentication, without providing valid authentication credentials. (CVE-2011-3372) A NULL pointer dereference flaw was found in the cyrus-imapd IMAP server, imapd. A remote attacker could send a specially crafted mail message to a victim that would possibly prevent them from accessing their mail normally, if they were using an IMAP client that relies on the server threading IMAP feature. (CVE-2011-3481) Red Hat would like to thank the Cyrus IMAP project for reporting the CVE-2011-3372 issue. Upstream acknowledges Stefan Cornelius of Secunia Research as the original reporter of CVE-2011-3372. Users of cyrus-imapd are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the update, cyrus-imapd will be restarted automatically." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2011-3372" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2011-3481" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2011:1508" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:cyrus-imapd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:cyrus-imapd-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:cyrus-imapd-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:cyrus-imapd-murder"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:cyrus-imapd-nntp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:cyrus-imapd-perl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:cyrus-imapd-utils"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:perl-Cyrus"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6.1"); script_set_attribute(attribute:"vuln_publication_date", value:"2011/09/14"); script_set_attribute(attribute:"patch_publication_date", value:"2011/12/01"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/12/02"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^(4|5|6)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 4.x / 5.x / 6.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2011:1508"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL4", reference:"cyrus-imapd-2.2.12-17.el4")) flag++; if (rpm_check(release:"RHEL4", reference:"cyrus-imapd-devel-2.2.12-17.el4")) flag++; if (rpm_check(release:"RHEL4", reference:"cyrus-imapd-murder-2.2.12-17.el4")) flag++; if (rpm_check(release:"RHEL4", reference:"cyrus-imapd-nntp-2.2.12-17.el4")) flag++; if (rpm_check(release:"RHEL4", reference:"cyrus-imapd-utils-2.2.12-17.el4")) flag++; if (rpm_check(release:"RHEL4", reference:"perl-Cyrus-2.2.12-17.el4")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"cyrus-imapd-2.3.7-12.el5_7.2")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"cyrus-imapd-2.3.7-12.el5_7.2")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"cyrus-imapd-2.3.7-12.el5_7.2")) flag++; if (rpm_check(release:"RHEL5", reference:"cyrus-imapd-devel-2.3.7-12.el5_7.2")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"cyrus-imapd-perl-2.3.7-12.el5_7.2")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"cyrus-imapd-perl-2.3.7-12.el5_7.2")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"cyrus-imapd-perl-2.3.7-12.el5_7.2")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"cyrus-imapd-utils-2.3.7-12.el5_7.2")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"cyrus-imapd-utils-2.3.7-12.el5_7.2")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"cyrus-imapd-utils-2.3.7-12.el5_7.2")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"cyrus-imapd-2.3.16-6.el6_1.4")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"cyrus-imapd-2.3.16-6.el6_1.4")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"cyrus-imapd-2.3.16-6.el6_1.4")) flag++; if (rpm_check(release:"RHEL6", reference:"cyrus-imapd-debuginfo-2.3.16-6.el6_1.4")) flag++; if (rpm_check(release:"RHEL6", reference:"cyrus-imapd-devel-2.3.16-6.el6_1.4")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"cyrus-imapd-utils-2.3.16-6.el6_1.4")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"cyrus-imapd-utils-2.3.16-6.el6_1.4")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"cyrus-imapd-utils-2.3.16-6.el6_1.4")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "cyrus-imapd / cyrus-imapd-debuginfo / cyrus-imapd-devel / etc"); } }NASL family SuSE Local Security Checks NASL id SUSE_11_4_CYRUS-IMAPD-111005.NASL description An authentication bypass (CVE-2011-3372) and a DoS vulnerability (CVE-2011-3481) have been fixed in the Cyrus IMAPd nntpd. last seen 2020-06-01 modified 2020-06-02 plugin id 75811 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75811 title openSUSE Security Update : cyrus-imapd (openSUSE-SU-2011:1170-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update cyrus-imapd-5240. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(75811); script_version("1.5"); script_cvs_date("Date: 2019/10/25 13:36:42"); script_cve_id("CVE-2011-3372", "CVE-2011-3481"); script_name(english:"openSUSE Security Update : cyrus-imapd (openSUSE-SU-2011:1170-1)"); script_summary(english:"Check for the cyrus-imapd-5240 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "An authentication bypass (CVE-2011-3372) and a DoS vulnerability (CVE-2011-3481) have been fixed in the Cyrus IMAPd nntpd." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=719998" ); script_set_attribute( attribute:"see_also", value:"https://lists.opensuse.org/opensuse-updates/2011-10/msg00026.html" ); script_set_attribute( attribute:"solution", value:"Update the affected cyrus-imapd packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-imapd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-imapd-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-imapd-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-imapd-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-Cyrus-IMAP"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-Cyrus-IMAP-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-Cyrus-SIEVE-managesieve"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-Cyrus-SIEVE-managesieve-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.4"); script_set_attribute(attribute:"patch_publication_date", value:"2011/10/05"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.4)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.4", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.4", reference:"cyrus-imapd-2.3.16-16.21.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"cyrus-imapd-debuginfo-2.3.16-16.21.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"cyrus-imapd-debugsource-2.3.16-16.21.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"cyrus-imapd-devel-2.3.16-16.21.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"perl-Cyrus-IMAP-2.3.16-16.21.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"perl-Cyrus-IMAP-debuginfo-2.3.16-16.21.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"perl-Cyrus-SIEVE-managesieve-2.3.16-16.21.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"perl-Cyrus-SIEVE-managesieve-debuginfo-2.3.16-16.21.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "cyrus-imapd / cyrus-imapd-devel / perl-Cyrus-IMAP / etc"); }NASL family SuSE Local Security Checks NASL id SUSE_11_CYRUS-IMAPD-111005.NASL description An authentication bypass (CVE-2011-3372) and a DoS vulnerability (CVE-2011-3481) have been fixed in the Cyrus IMAPd nntpd. last seen 2020-06-01 modified 2020-06-02 plugin id 57096 published 2011-12-13 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/57096 title SuSE 11.1 Security Update : cyrus-imapd (SAT Patch Number 5233) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SuSE 11 update information. The text itself is # copyright (C) Novell, Inc. # if (NASL_LEVEL < 3000) exit(0); include("compat.inc"); if (description) { script_id(57096); script_version("1.6"); script_cvs_date("Date: 2019/10/25 13:36:42"); script_cve_id("CVE-2011-3372", "CVE-2011-3481"); script_name(english:"SuSE 11.1 Security Update : cyrus-imapd (SAT Patch Number 5233)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 11 host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "An authentication bypass (CVE-2011-3372) and a DoS vulnerability (CVE-2011-3481) have been fixed in the Cyrus IMAPd nntpd." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=718428" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=719998" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-3372.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-3481.html" ); script_set_attribute(attribute:"solution", value:"Apply SAT patch number 5233."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:cyrus-imapd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:perl-Cyrus-IMAP"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:perl-Cyrus-SIEVE-managesieve"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11"); script_set_attribute(attribute:"patch_publication_date", value:"2011/10/05"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/12/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11"); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu); pl = get_kb_item("Host/SuSE/patchlevel"); if (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, "SuSE 11.1"); flag = 0; if (rpm_check(release:"SLES11", sp:1, reference:"cyrus-imapd-2.3.11-60.65.64.1")) flag++; if (rpm_check(release:"SLES11", sp:1, reference:"perl-Cyrus-IMAP-2.3.11-60.65.64.1")) flag++; if (rpm_check(release:"SLES11", sp:1, reference:"perl-Cyrus-SIEVE-managesieve-2.3.11-60.65.64.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
Redhat
| advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| rpms |
|
References
- http://bugzilla.cyrusimap.org/show_bug.cgi?id=2772
- http://bugzilla.cyrusimap.org/show_bug.cgi?id=3463
- http://git.cyrusimap.org/cyrus-imapd/commit/?id=6e776956a1a9dfa58eacdd0ddd52644009eac9e5
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:037
- http://www.redhat.com/support/errata/RHSA-2011-1508.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/69842