REDHAT-BUG-705288
First published: Tue May 17 2011(Updated: )
It was found, that Cyrus IMAP recognized IMAP, LMTP, NNTP and POP3 protocol commands during plaintex to TLS session switch (by TLS protocol initialization). A remote attacker could use this flaw to insert plaintext, protocol relevant, commands into TLS protocol initialization messages, leading to execution of these commands during the ciphertext protocol phase, potentially allowing the attacker to steal the victim's mail or authentication credentials. References: [1] <a href="http://www.kb.cert.org/vuls/id/555316">http://www.kb.cert.org/vuls/id/555316</a> [2] <a href="http://bugzilla.cyrusimap.org/show_bug.cgi?id=3423">http://bugzilla.cyrusimap.org/show_bug.cgi?id=3423</a> Relevant upstream patch: [3] <a href="http://git.cyrusimap.org/cyrus-imapd/patch/?id=523a91a5e86c8b9a27a138f04a3e3f2d8786f162">http://git.cyrusimap.org/cyrus-imapd/patch/?id=523a91a5e86c8b9a27a138f04a3e3f2d8786f162</a>
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cyrus SASL |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.kb.cert.org/vuls/id/555316
- http://bugzilla.cyrusimap.org/show_bug.cgi?id=3423
- http://git.cyrusimap.org/cyrus-imapd/patch/?id=523a91a5e86c8b9a27a138f04a3e3f2d8786f162
- http://www.openwall.com/lists/oss-security/2011/05/17/2
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=705294
- https://access.redhat.com/security/cve/CVE-2011-1926
- https://rhn.redhat.com/errata/RHSA-2011-0859.html
- https://bugzilla.redhat.com/show_bug.cgi?id=705288
Frequently Asked Questions
What is the severity of REDHAT-BUG-705288?
The severity of REDHAT-BUG-705288 has been classified as high due to the potential for remote command injection during TLS protocol initialization.
How do I fix REDHAT-BUG-705288?
To fix REDHAT-BUG-705288, it is recommended to update your Cyrus IMAP server to the latest available version that addresses this vulnerability.
What versions of Cyrus IMAP are affected by REDHAT-BUG-705288?
REHAT-BUG-705288 affects multiple versions of Cyrus IMAP that do not implement proper validation during TLS protocol initialization.
Can REDHAT-BUG-705288 be exploited remotely?
Yes, REDHAT-BUG-705288 can be exploited remotely by an attacker during the plaintext to TLS session switch.
What are the potential consequences of REDHAT-BUG-705288?
The potential consequences of REDHAT-BUG-705288 include unauthorized command execution and compromise of secure communications.
- agent/references
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2011-1926
- agent/severity
- agent/description
- agent/event
- agent/trending
- agent/source
- agent/tags
- agent/softwarecombine
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/cyrus
- canonical/cyrus sasl