CVE-2011-3372

imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://git.cyrusimap.org/cyrus-imapd/commit/?id=77903669e04c9788460561dd0560b9c916519594
http://www.mandriva.com/security/advisories?name=MDVSA-2011:149
http://cyrusimap.org/mediawiki/index.php/Latest_Updates
http://www.redhat.com/support/errata/RHSA-2011-1508.html
http://securitytracker.com/id?1026363
http://secunia.com/secunia_research/2011-68	Vendor Advisory
http://www.debian.org/security/2011/dsa-2318
http://secunia.com/advisories/46093	Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=740822

Configurations

Configuration 1 (hide)

cpe:2.3:a:cyrus:imapd:*:*:*:*:*:*:*:*

Information

Published : 2011-12-24 11:55

Updated : 2011-12-25 21:00

NVD link : CVE-2011-3372

Mitre link : CVE-2011-3372

JSON object : View

CWE

CWE-287

Improper Authentication

Products Affected

cyrus

imapd

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://git.cyrusimap.org/cyrus-imapd/commit/?id=77903669e04c9788460561dd0560b9c916519594", "name": "http://git.cyrusimap.org/cyrus-imapd/commit/?id=77903669e04c9788460561dd0560b9c916519594", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:149", "name": "MDVSA-2011:149", "tags": [], "refsource": "MANDRIVA"}, {"url": "http://cyrusimap.org/mediawiki/index.php/Latest_Updates", "name": "http://cyrusimap.org/mediawiki/index.php/Latest_Updates", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.redhat.com/support/errata/RHSA-2011-1508.html", "name": "RHSA-2011:1508", "tags": [], "refsource": "REDHAT"}, {"url": "http://securitytracker.com/id?1026363", "name": "1026363", "tags": [], "refsource": "SECTRACK"}, {"url": "http://secunia.com/secunia_research/2011-68", "name": "http://secunia.com/secunia_research/2011-68", "tags": ["Vendor Advisory"], "refsource": "MISC"}, {"url": "http://www.debian.org/security/2011/dsa-2318", "name": "DSA-2318", "tags": [], "refsource": "DEBIAN"}, {"url": "http://secunia.com/advisories/46093", "name": "46093", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=740822", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=740822", "tags": [], "refsource": "CONFIRM"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-287"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2011-3372", "ASSIGNER": "secalert@redhat.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2011-12-24T19:55Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:cyrus:imapd:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "2.4.11"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2011-12-26T05:00Z"}

7.5 /10