imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2011-12-24T19:00:00Z

Updated: 2024-09-17T00:45:46.502Z

Reserved: 2011-08-30T00:00:00Z

Link: CVE-2011-3372

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2011-12-24T19:55:01.773

Modified: 2024-11-21T01:30:22.397

Link: CVE-2011-3372

cve-icon Redhat

Severity : Moderate

Publid Date: 2011-10-05T00:00:00Z

Links: CVE-2011-3372 - Bugzilla