Cyrus IMAPd NTTP Logic Error Authentication Bypass Vulnerability

Bugtraq ID: 49949
Class: Access Validation Error
CVE: CVE-2011-3372
Remote: Yes
Local: No
Published: Oct 05 2011 12:00AM
Updated: Dec 02 2011 11:36PM
Credit: Stefan Cornelius of Secunia Research
Vulnerable: RedHat Enterprise Linux WS 4
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux Desktop Workstation 5 client
RedHat Enterprise Linux Desktop version 4
Red Hat Enterprise Linux Workstation Optional 6
Red Hat Enterprise Linux Workstation 6
Red Hat Enterprise Linux Server Optional 6
Red Hat Enterprise Linux Server 6
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux 5 Server
Oracle Enterprise Linux 6
Oracle Enterprise Linux 5
Oracle Enterprise Linux 4
Mandriva Linux Mandrake 2011 x86_64
Mandriva Linux Mandrake 2011
Mandriva Linux Mandrake 2010.1 x86_64
Mandriva Linux Mandrake 2010.1
Mandriva Linux Mandrake 2009.0 x86_64
Mandriva Linux Mandrake 2009.0
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Cyrus Cyrus IMAP Server 2.4.11
Cyrus Cyrus IMAP Server 2.4.10
Not Vulnerable: Cyrus Cyrus IMAP Server 2.4.12


 

Privacy Statement
Copyright 2010, SecurityFocus