Mageni Mageni Security LLC

Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Cyrus IMAP < 3.2.7, 3.3.x < 3.4.1 DoS Vulnerability

Information

Severity

Severity

Medium

Family

Family

Denial of Service

CVSSv2 Base

CVSSv2 Base

4.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:S/C:N/I:N/A:P

Solution Type

Solution Type

Vendor Patch

Created

Created

2 years ago

Modified

Modified

2 years ago

Share

Summary

Cyrus IMAP is prone to a denial of service (DoS) vulnerability.

Insight

Insight

Remote authenticated users could bypass intended access restrictions on certain server annotations. Additionally, a long-standing bug in replication did not allow server annotations to be replicated. Combining these two bugs, a remote authenticated user could stall replication, requiring administrator intervention.

Affected Software

Affected Software

Cyrus IMAP prior to version 3.2.7 and version 3.3.x through 3.4.0.

Detection Method

Detection Method

Checks if a vulnerable version is present on the target host.

Solution

Solution

Update to version 3.2.7, 3.4.1 or later.

Common Vulnerabilities and Exposures (CVE)

References