First Last Prev Next    This bug is not in your last search results.
Bug 718428 - VUL-1: cyrus-imapd DoS via crafted References header
VUL-1: cyrus-imapd DoS via crafted References header
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: General
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
maint:released:sles9-sp3-teradata:433...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2011-09-16 12:15 UTC by Ludwig Nussel
Modified: 2011-10-24 12:48 UTC (History)
2 users (show)

See Also:
Found By: Other
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Patch for cyrus-2.3.X (4.76 KB, patch)
2011-09-21 07:45 UTC, Ralf Haferkamp 		Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Ludwig Nussel 2011-09-16 12:15:44 UTC 
Your friendly security team received the following report via mitre.
Please respond ASAP.
The issue is public.

-------8<-------
======================================================
Name: CVE-2011-3481

The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message.

Reference: CONFIRM: http://git.cyrusimap.org/cyrus-imapd/commit/?id=6e776956a1a9dfa58eacdd0ddd52644009eac9e5
Reference: CONFIRM: http://bugzilla.cyrusimap.org/show_bug.cgi?id=3463
Reference: CONFIRM: http://bugzilla.cyrusimap.org/show_bug.cgi?id=2772
Comment 5 Ralf Haferkamp 2011-09-21 07:45:17 UTC 
Created attachment 452116 [details]
Patch for cyrus-2.3.X
Comment 6 Bernhard Wiedemann 2011-09-21 10:00:08 UTC 
This is an autogenerated message for OBS integration:
This bug (718428) was mentioned in
https://build.opensuse.org/request/show/84093 Factory / cyrus-imapd
Comment 8 Swamp Workflow Management 2011-09-29 13:09:01 UTC 
Update released for: cyrus-imapd, cyrus-imapd-devel, perl-Cyrus-IMAP, perl-Cyrus-SIEVE-managesieve
Products:
SUSE-CORE 9-SP3-TERADATA (x86_64)
Comment 9 Ralf Haferkamp 2011-10-04 13:48:58 UTC 
Submitted to SLE-11-SP1, SLE-10-SP3 and SLE-10-SP4 (together with bug#719998 fix)
Comment 10 Matthias Weckbecker 2011-10-05 09:47:28 UTC 
updates are released? resolved/fixed
Comment 12 Swamp Workflow Management 2011-10-24 08:29:54 UTC 
Update released for: cyrus-imapd, cyrus-imapd-debuginfo, cyrus-imapd-debugsource, cyrus-imapd-devel, perl-Cyrus-IMAP, perl-Cyrus-IMAP-debuginfo, perl-Cyrus-SIEVE-managesieve, perl-Cyrus-SIEVE-managesieve-debuginfo
Products:
openSUSE 11.3 (debug, i586, x86_64)
openSUSE 11.4 (debug, i586, x86_64)
Comment 13 Swamp Workflow Management 2011-10-24 11:11:19 UTC 
Update released for: cyrus-imapd, cyrus-imapd-debuginfo, cyrus-imapd-debugsource, cyrus-imapd-devel, perl-Cyrus-IMAP, perl-Cyrus-SIEVE-managesieve
Products:
SLE-DEBUGINFO 11-SP1 (i386, ia64, ppc64, s390x, x86_64)
SLE-SDK 11-SP1 (i386, ia64, ppc64, s390x, x86_64)
SLE-SERVER 11-SP1 (i386, ia64, ppc64, s390x, x86_64)
SLE-SERVER 11-SP1-TERADATA (x86_64)
SLES4VMWARE 11-SP1 (i386, x86_64)
Comment 14 Swamp Workflow Management 2011-10-24 11:49:56 UTC 
Update released for: cyrus-imapd, cyrus-imapd-debuginfo, cyrus-imapd-devel, perl-Cyrus-IMAP, perl-Cyrus-SIEVE-managesieve
Products:
SLE-DEBUGINFO 10-SP3 (i386, ia64, ppc, s390x, x86_64)
SLE-SAP-APL 10-SP3 (x86_64)
SLE-SDK 10-SP3 (i386, ia64, ppc, s390x, x86_64)
SLE-SERVER 10-SP3 (i386, ia64, ppc, s390x, x86_64)
SLE-SERVER 10-SP3-TERADATA (x86_64)
Comment 15 Swamp Workflow Management 2011-10-24 12:48:51 UTC 
Update released for: cyrus-imapd, cyrus-imapd-debuginfo, cyrus-imapd-devel, perl-Cyrus-IMAP, perl-Cyrus-SIEVE-managesieve
Products:
SLE-DEBUGINFO 10-SP4 (i386, ia64, ppc, s390x, x86_64)
SLE-SDK 10-SP4 (i386, ia64, ppc, s390x, x86_64)
SLE-SERVER 10-SP4 (i386, ia64, ppc, s390x, x86_64)
First Last Prev Next    This bug is not in your last search results.