The STARTTLS implementation in Cyrus IMAP Server before 2.4.7 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:H/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Cmu
  • Cyrus Imap Server
Redhat
  • Enterprise Linux

Configuration 1 [-]

OR cpe:2.3:a:cmu:cyrus_imap_server:*:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.0.17:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.1.16:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.1.17:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.1.18:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.2.8:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.2.9:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.2.10:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.2.11:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.2.12:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.2.13:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.2.13p1:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.3.2:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.3.4:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.3.5:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.3.6:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.3.7:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.3.8:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.3.9:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.3.10:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.3.11:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.3.12:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.3.13:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.3.14:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.3.15:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.3.16:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.4.4:*:*:*:*:*:*:*
cpe:2.3:a:cmu:cyrus_imap_server:2.4.5:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux 4
cyrus-imapd-0:2.2.12-15.el4 cpe:/o:redhat:enterprise_linux:4 RHSA-2011:0859 2011-06-08T00:00:00Z
Red Hat Enterprise Linux 5
cyrus-imapd-0:2.3.7-7.el5_6.4 cpe:/o:redhat:enterprise_linux:5 RHSA-2011:0859 2011-06-08T00:00:00Z
Red Hat Enterprise Linux 6
cyrus-imapd-0:2.3.16-6.el6_1.2 cpe:/o:redhat:enterprise_linux:6 RHSA-2011:0859 2011-06-08T00:00:00Z
References
Link Providers
http://bugzilla.cyrusimap.org/show_bug.cgi?id=3423 cve-icon cve-icon
http://bugzilla.cyrusimap.org/show_bug.cgi?id=3424 cve-icon cve-icon
http://git.cyrusimap.org/cyrus-imapd/patch/?id=523a91a5e86c8b9a27a138f04a3e3f2d8786f162 cve-icon cve-icon
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061374.html cve-icon cve-icon
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061415.html cve-icon cve-icon
http://openwall.com/lists/oss-security/2011/05/17/15 cve-icon cve-icon
http://openwall.com/lists/oss-security/2011/05/17/2 cve-icon cve-icon
http://secunia.com/advisories/44670 cve-icon cve-icon
http://secunia.com/advisories/44876 cve-icon cve-icon
http://secunia.com/advisories/44913 cve-icon cve-icon
http://secunia.com/advisories/44928 cve-icon cve-icon
http://www.cyrusimap.org/docs/cyrus-imapd/2.4.7/changes.php cve-icon cve-icon
http://www.debian.org/security/2011/dsa-2242 cve-icon cve-icon
http://www.debian.org/security/2011/dsa-2258 cve-icon cve-icon
http://www.kb.cert.org/vuls/id/555316 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDVSA-2011:100 cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2011-0859.html cve-icon cve-icon
http://www.securitytracker.com/id?1025625 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=705288 cve-icon cve-icon
https://exchange.xforce.ibmcloud.com/vulnerabilities/67867 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2011-1926 cve-icon
https://www.cve.org/CVERecord?id=CVE-2011-1926 cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2011-05-23T22:00:00

Updated: 2024-08-06T22:46:00.659Z

Reserved: 2011-05-09T00:00:00

Link: CVE-2011-1926

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2011-05-23T22:55:01.490

Modified: 2025-04-11T00:51:21.963

Link: CVE-2011-1926

cve-icon Redhat

Severity : Moderate

Publid Date: 2011-03-25T00:00:00Z

Links: CVE-2011-1926 - Bugzilla