Mandriva Linux Security Advisory : cyrus-imapd (MDVSA-2011:149)

High Nessus Plugin ID 56525


The remote Mandriva Linux host is missing one or more security updates.


Multiple vulnerabilities has been discovered and corrected in cyrus-imapd :

Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command (CVE-2011-3208).

Secunia Research has discovered a vulnerability in Cyrus IMAPd, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error within the authentication mechanism of the NNTP server, which can be exploited to bypass the authentication process and execute commands intended for authenticated users by sending an AUTHINFO USER command without a following AUTHINFO PASS command (CVE-2011-3372).

Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: products_id=490

The updated packages have been patched to correct these issues.


Update the affected packages.

Plugin Details

Severity: High

ID: 56525

File Name: mandriva_MDVSA-2011-149.nasl

Version: $Revision: 1.5 $

Type: local

Published: 2011/10/17

Modified: 2013/06/01

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:cyrus-imapd, p-cpe:/a:mandriva:linux:cyrus-imapd-devel, p-cpe:/a:mandriva:linux:cyrus-imapd-murder, p-cpe:/a:mandriva:linux:cyrus-imapd-nntp, p-cpe:/a:mandriva:linux:cyrus-imapd-utils, p-cpe:/a:mandriva:linux:perl-Cyrus, cpe:/o:mandriva:linux:2009.0, cpe:/o:mandriva:linux:2010.1, cpe:/o:mandriva:linux:2011

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2011/10/14

Reference Information

CVE: CVE-2011-3208, CVE-2011-3372

BID: 49534, 49949

MDVSA: 2011:149