Lucene search
MitreCVELIST:CVE-2017-14230HistorySep 10, 2017 - 7:00 a.m.
CVE-2017-14230
2017-09-1007:00:00
mitre
www.cve.org
2
cyrus imap
off-by-one error
mboxlist_do_find
remote attackers
sensitive information
denial of service
In the mboxlist_do_find function in imap/mboxlist.c in Cyrus IMAP before 3.0.4, an off-by-one error in prefix calculation for the LIST command caused use of uninitialized memory, which might allow remote attackers to obtain sensitive information or cause a denial of service (daemon crash) via a ‘LIST “” “Other Users”’ command.
Related
redhatcve
redhatcve
CVE-2017-14230
2017-09-13 11:48:38
nessus
nessus
Fedora 26 : cyrus-imapd (2017-e4609f71f6)
2017-09-18 00:00:00
Fedora 27 : cyrus-imapd (2017-689e9b1af5)
2018-01-15 00:00:00
debiancve
debiancve
CVE-2017-14230
2017-09-10 07:29:00
nvd
nvd
CVE-2017-14230
2017-09-10 07:29:00
ubuntucve
ubuntucve
CVE-2017-14230
2017-09-10 00:00:00
freebsd
freebsd
cyrus-imapd -- broken "other users" behaviour
2017-09-07 00:00:00
cve
cve
CVE-2017-14230
2017-09-10 07:29:00
openvas
openvas
Fedora Update for cyrus-imapd FEDORA-2017-e4609f71f6
2017-09-16 00:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: cyrus-imapd-3.0.4-1.fc27
2017-09-30 07:27:10
[SECURITY] Fedora 26 Update: cyrus-imapd-3.0.4-1.fc26
2017-09-15 22:25:23
osv
osv
CVE-2017-14230
2017-09-10 07:29:00
prion
prion
Command injection
2017-09-10 07:29:00