Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cyrus imapd 2.1.17 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2005-0546
Multiple buffer overflows in Cyrus IMAPd prior to 2.2.11 may allow malicious users to execute arbitrary code via (1) an off-by-one error in the imapd annotate extension, (2) an off-by-one error in "cached header handling," (3) a stack-based buffer overflow in fetchnews,...
Cyrus Imapd 2.0.17
Cyrus Imapd 2.1.16
Cyrus Imapd 2.1.17
Cyrus Imapd 2.1.18
Cyrus Imapd 2.2.10
4.3
CVSSv2
CVE-2011-3481
The index_get_ids function in index.c in imapd in Cyrus IMAP Server prior to 2.4.11, when server-side threading is enabled, allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message.
Cmu Cyrus Imap Server 2.3.13
Cmu Cyrus Imap Server 2.3.9
Cmu Cyrus Imap Server 2.3.7
Cmu Cyrus Imap Server 2.3.8
Cmu Cyrus Imap Server 2.4.8
Cmu Cyrus Imap Server 2.0.17
Cmu Cyrus Imap Server 2.2.9
Cmu Cyrus Imap Server 2.2.8
Cmu Cyrus Imap Server
Cmu Cyrus Imap Server 2.3.17
Cmu Cyrus Imap Server 2.3.15
Cmu Cyrus Imap Server 2.3.2
Cmu Cyrus Imap Server 2.4.9
Cmu Cyrus Imap Server 2.4.0
Cmu Cyrus Imap Server 2.1.16
Cmu Cyrus Imap Server 2.4.7
Cmu Cyrus Imap Server 2.3.1
Cmu Cyrus Imap Server 2.3.0
Cmu Cyrus Imap Server 2.3.14
Cmu Cyrus Imap Server 2.3.16
Cmu Cyrus Imap Server 2.3.12
Cmu Cyrus Imap Server 2.3.5
5.1
CVSSv2
CVE-2011-1926
The STARTTLS implementation in Cyrus IMAP Server prior to 2.4.7 does not properly restrict I/O buffering, which allows man-in-the-middle malicious users to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a...
Cmu Cyrus Imap Server 2.4.2
Cmu Cyrus Imap Server 2.4.1
Cmu Cyrus Imap Server 2.4.0
Cmu Cyrus Imap Server 2.3.3
Cmu Cyrus Imap Server 2.3.2
Cmu Cyrus Imap Server 2.3.1
Cmu Cyrus Imap Server 2.3.0
Cmu Cyrus Imap Server 2.1.16
Cmu Cyrus Imap Server 2.3.11
Cmu Cyrus Imap Server 2.0.17
Cmu Cyrus Imap Server
Cmu Cyrus Imap Server 2.4.5
Cmu Cyrus Imap Server 2.3.7
Cmu Cyrus Imap Server 2.3.6
Cmu Cyrus Imap Server 2.3.12
Cmu Cyrus Imap Server 2.2.12
Cmu Cyrus Imap Server 2.2.11
Cmu Cyrus Imap Server 2.3.16
Cmu Cyrus Imap Server 2.3.14
Cmu Cyrus Imap Server 2.2.13
Cmu Cyrus Imap Server 2.3.9
Cmu Cyrus Imap Server 2.3.8
7.5
CVSSv2
CVE-2011-3208
Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server prior to 2.3.17 and 2.4.x prior to 2.4.11 allows remote malicious users to execute arbitrary code via a crafted NNTP command.
Cmu Cyrus Imap Server 2.0.17
Cmu Cyrus Imap Server 2.1.16
Cmu Cyrus Imap Server 2.2.11
Cmu Cyrus Imap Server 2.2.9
Cmu Cyrus Imap Server 2.3.1
Cmu Cyrus Imap Server 2.3.0
Cmu Cyrus Imap Server 2.3.11
Cmu Cyrus Imap Server 2.1.17
Cmu Cyrus Imap Server 2.1.18
Cmu Cyrus Imap Server 2.2.10
Cmu Cyrus Imap Server 2.2.8
Cmu Cyrus Imap Server 2.3.15
Cmu Cyrus Imap Server 2.3.13
Cmu Cyrus Imap Server 2.3.9
Cmu Cyrus Imap Server 2.3.10
Cmu Cyrus Imap Server 2.3.14
Cmu Cyrus Imap Server 2.2.14
Cmu Cyrus Imap Server 2.2.12
Cmu Cyrus Imap Server 2.3.4
Cmu Cyrus Imap Server 2.3.12
Cmu Cyrus Imap Server 2.3.7
Cmu Cyrus Imap Server 2.3.8
10
CVSSv2
CVE-2004-1013
The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x up to and including 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an inde...
Carnegie Mellon University Cyrus Imap Server 2.1.7
Carnegie Mellon University Cyrus Imap Server 2.1.9
Carnegie Mellon University Cyrus Imap Server 2.2.7
Carnegie Mellon University Cyrus Imap Server 2.2.8
Carnegie Mellon University Cyrus Imap Server 2.1.10
Carnegie Mellon University Cyrus Imap Server 2.1.16
Carnegie Mellon University Cyrus Imap Server 2.2.5
Carnegie Mellon University Cyrus Imap Server 2.2.6
Carnegie Mellon University Cyrus Imap Server 2.2.2 Beta
Carnegie Mellon University Cyrus Imap Server 2.2.3
Carnegie Mellon University Cyrus Imap Server 2.2.4
Conectiva Linux 9.0
Carnegie Mellon University Cyrus Imap Server 2.2.0 Alpha
Carnegie Mellon University Cyrus Imap Server 2.2.1 Beta
Openpkg Openpkg Current
Conectiva Linux 10.0
Trustix Secure Linux 2.0
Trustix Secure Linux 2.1
Redhat Fedora Core Core 2.0
Redhat Fedora Core Core 3.0
Ubuntu Ubuntu Linux 4.1
Trustix Secure Linux 2.2
10
CVSSv2
CVE-2004-1012
The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and previous versions allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index in...
Carnegie Mellon University Cyrus Imap Server 2.1.7
Carnegie Mellon University Cyrus Imap Server 2.1.9
Carnegie Mellon University Cyrus Imap Server 2.2.7
Carnegie Mellon University Cyrus Imap Server 2.2.8
Carnegie Mellon University Cyrus Imap Server 2.1.10
Carnegie Mellon University Cyrus Imap Server 2.1.16
Carnegie Mellon University Cyrus Imap Server 2.2.4
Carnegie Mellon University Cyrus Imap Server 2.2.5
Carnegie Mellon University Cyrus Imap Server 2.2.6
Carnegie Mellon University Cyrus Imap Server 2.2.2 Beta
Carnegie Mellon University Cyrus Imap Server 2.2.3
Conectiva Linux 9.0
Carnegie Mellon University Cyrus Imap Server 2.2.0 Alpha
Carnegie Mellon University Cyrus Imap Server 2.2.1 Beta
Openpkg Openpkg Current
Conectiva Linux 10.0
Trustix Secure Linux 2.0
Trustix Secure Linux 2.1
Redhat Fedora Core Core 2.0
Redhat Fedora Core Core 3.0
Ubuntu Ubuntu Linux 4.1
Trustix Secure Linux 2.2
7.5
CVSSv2
CVE-2009-0688
Multiple buffer overflows in the CMU Cyrus SASL library prior to 2.1.23 might allow remote malicious users to execute arbitrary code or cause a denial of service (application crash) via strings that are used as input to the sasl_encode64 function in lib/saslutil.c.
Carnegie Mellon University Cyrus-sasl 2.1.19
Carnegie Mellon University Cyrus-sasl
Carnegie Mellon University Cyrus-sasl 1.5.24
Carnegie Mellon University Cyrus-sasl 1.5.15
Carnegie Mellon University Cyrus-sasl 1.5.16
Carnegie Mellon University Cyrus-sasl 1.5.27
Carnegie Mellon University Cyrus-sasl 1.5.3
Carnegie Mellon University Cyrus-sasl 2.0.5
Carnegie Mellon University Cyrus-sasl 2.1.0
Carnegie Mellon University Cyrus-sasl 2.1.1
Carnegie Mellon University Cyrus-sasl 2.1.16
Carnegie Mellon University Cyrus-sasl 2.1.21
Carnegie Mellon University Cyrus-sasl 2.1.20
Carnegie Mellon University Cyrus-sasl 1.5.11
Carnegie Mellon University Cyrus-sasl 1.5.13
Carnegie Mellon University Cyrus-sasl 1.5.23
Carnegie Mellon University Cyrus-sasl 1.5.26
Carnegie Mellon University Cyrus-sasl 2.0.3
Carnegie Mellon University Cyrus-sasl 2.0.4
Carnegie Mellon University Cyrus-sasl 2.1.14
Carnegie Mellon University Cyrus-sasl 2.1.15
Carnegie Mellon University Cyrus-sasl 2.1.6
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started