From secunia security advisor at $URL: Description: The vulnerability is caused due to an error within the authentication mechanism of the NNTP server, which can be exploited to bypass the authentication process and execute commands intended for authenticated users by sending an "AUTHINFO USER" command without a following "AUTHINFO PASS" command. The vulnerability is confirmed in version 2.4.10 and 2.4.11. Prior versions may also be affected. Solution: Apply patch or update to version 2.4.12.
Please bump 2.4.12 or here[1] is the patch. [1]: http://git.cyrusimap.org/cyrus-imapd/patch/?id=77903669e04c9788460561dd0560b9c916519594
+*cyrus-imapd-2.4.12 (06 Oct 2011) + + 06 Oct 2011; Eray Aslan <eras@gentoo.org> +cyrus-imapd-2.4.12.ebuild: + version bump - security bug #385729. Add back sieve USE flag - bug #382389 + @security: We can stabilize =net-mail/cyrus-imapd-2.4.12. Thank you.
(In reply to comment #2) > @security: We can stabilize =net-mail/cyrus-imapd-2.4.12. Thank you. Thanks Eras. Arches, please test and mark stable: =net-mail/cyrus-imapd-2.4.12 target KEYWORDS : "amd64 hppa ppc ppc64 sparc x86"
amd64 ok
ditto
Thanks, guys + 06 Oct 2011; Steve Dibb <beandog@gentoo.org> cyrus-imapd-2.4.12.ebuild: + amd64 stable, security bug 385729
CVE-2011-3481 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3481): The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message.
*** Bug 386233 has been marked as a duplicate of this bug. ***
sparc stable
x86 stable
ppc/ppc64 stable
Stable for HPPA.
Thanks, everyone. GLSA Vote: yes.
Vote: YES. GLSA request filed.
This issue was resolved and addressed in GLSA 201110-16 at http://security.gentoo.org/glsa/glsa-201110-16.xml by GLSA coordinator Tim Sammut (underling).
CVE-2011-3372 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3372): imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command.
