Lucene search
GoogleOSV:CVE-2017-14230HistorySep 10, 2017 - 7:29 a.m.
CVE-2017-14230
2017-09-1007:29:00
Google
osv.dev
9
In the mboxlist_do_find function in imap/mboxlist.c in Cyrus IMAP before 3.0.4, an off-by-one error in prefix calculation for the LIST command caused use of uninitialized memory, which might allow remote attackers to obtain sensitive information or cause a denial of service (daemon crash) via a ‘LIST “” “Other Users”’ command.
Related
fedora
fedora
[SECURITY] Fedora 26 Update: cyrus-imapd-3.0.4-1.fc26
2017-09-15 22:25:23
[SECURITY] Fedora 27 Update: cyrus-imapd-3.0.4-1.fc27
2017-09-30 07:27:10
nessus
nessus
FreeBSD : cyrus-imapd -- broken 'other users' behaviour (f9f76a50-9642-11e7-ab09-080027b00c2e)
2017-09-11 00:00:00
Fedora 26 : cyrus-imapd (2017-e4609f71f6)
2017-09-18 00:00:00
Fedora 27 : cyrus-imapd (2017-689e9b1af5)
2018-01-15 00:00:00
prion
prion
Command injection
2017-09-10 07:29:00
redhatcve
redhatcve
CVE-2017-14230
2017-09-13 11:48:38
cvelist
cvelist
CVE-2017-14230
2017-09-10 07:00:00
debiancve
debiancve
CVE-2017-14230
2017-09-10 07:29:00
ubuntucve
ubuntucve
CVE-2017-14230
2017-09-10 00:00:00
nvd
nvd
CVE-2017-14230
2017-09-10 07:29:00
freebsd
freebsd
cyrus-imapd -- broken "other users" behaviour
2017-09-07 00:00:00
cve
cve
CVE-2017-14230
2017-09-10 07:29:00
openvas
openvas
Fedora Update for cyrus-imapd FEDORA-2017-e4609f71f6
2017-09-16 00:00:00