Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1926

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2011-1926
Last Modified 06 Sep 2011 11:16:47
Published 23 May 2011 06:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2011-1926

Summary

The STARTTLS implementation in Cyrus IMAP Server before 2.4.7 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.

Vulnerable Systems

Application

  • Cmu Cyrus Imap Server 2.0.17

  • Cmu Cyrus Imap Server 2.1.16

  • Cmu Cyrus Imap Server 2.1.17

  • Cmu Cyrus Imap Server 2.1.18

  • Cmu Cyrus Imap Server 2.2.10

  • Cmu Cyrus Imap Server 2.2.11

  • Cmu Cyrus Imap Server 2.2.12

  • Cmu Cyrus Imap Server 2.2.13

  • Cmu Cyrus Imap Server 2.2.13p1

  • Cmu Cyrus Imap Server 2.2.8

  • Cmu Cyrus Imap Server 2.2.9

  • Cmu Cyrus Imap Server 2.3.0

  • Cmu Cyrus Imap Server 2.3.1

  • Cmu Cyrus Imap Server 2.3.10

  • Cmu Cyrus Imap Server 2.3.11

  • Cmu Cyrus Imap Server 2.3.12

  • Cmu Cyrus Imap Server 2.3.12p1

  • Cmu Cyrus Imap Server 2.3.12p2

  • Cmu Cyrus Imap Server 2.3.13

  • Cmu Cyrus Imap Server 2.3.14

  • Cmu Cyrus Imap Server 2.3.15

  • Cmu Cyrus Imap Server 2.3.16

  • Cmu Cyrus Imap Server 2.3.2

  • Cmu Cyrus Imap Server 2.3.3

  • Cmu Cyrus Imap Server 2.3.4

  • Cmu Cyrus Imap Server 2.3.5

  • Cmu Cyrus Imap Server 2.3.6

  • Cmu Cyrus Imap Server 2.3.7

  • Cmu Cyrus Imap Server 2.3.8

  • Cmu Cyrus Imap Server 2.3.9

  • Cmu Cyrus Imap Server 2.4.0

  • Cmu Cyrus Imap Server 2.4.1

  • Cmu Cyrus Imap Server 2.4.2

  • Cmu Cyrus Imap Server 2.4.3

  • Cmu Cyrus Imap Server 2.4.4

  • Cmu Cyrus Imap Server 2.4.5

  • Cmu Cyrus Imap Server 2.4.6


References

CERT-VN - VU#555316

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=705288

MLIST - [oss-security] 20110517 CVE Request -- Cyrus-IMAP STARTTLS issue -- [was: Re: pure-ftpd STARTTLS command injection / new CVE?]

MLIST - [oss-security] 20110517 Re: CVE Request -- Cyrus-IMAP STARTTLS issue -- [was: Re: pure-ftpd STARTTLS command injection / new CVE?]

CONFIRM - http://git.cyrusimap.org/cyrus-imapd/patch/?id=523a91a5e86c8b9a27a138f04a3e3f2d8786f162

CONFIRM - http://bugzilla.cyrusimap.org/show_bug.cgi?id=3424

CONFIRM - http://bugzilla.cyrusimap.org/show_bug.cgi?id=3423

XF - cyrus-starttls-command-exec(67867)

SECTRACK - 1025625

REDHAT - RHSA-2011:0859

MANDRIVA - MDVSA-2011:100

DEBIAN - DSA-2258

DEBIAN - DSA-2242

CONFIRM - http://www.cyrusimap.org/docs/cyrus-imapd/2.4.7/changes.php

SECUNIA - 44928

SECUNIA - 44913

SECUNIA - 44876

SECUNIA - 44670

FEDORA - FEDORA-2011-7193

FEDORA - FEDORA-2011-7217

Related Patches

Red Hat 2011:0859-01 RHSA Moderate: cyrus-imapd security update for RHEL 5 x86


Last Updated: 27 May 2016 10:56:52