Lucene search
Redhat.comRH:CVE-2017-14230HistorySep 13, 2017 - 11:48 a.m.
CVE-2017-14230
2017-09-1311:48:38
redhat.com
access.redhat.com
10
EPSS
0.006
Percentile
79.3%
In the mboxlist_do_find function in imap/mboxlist.c in Cyrus IMAP before 3.0.4, an off-by-one error in prefix calculation for the LIST command caused use of uninitialized memory, which might allow remote attackers to obtain sensitive information or cause a denial of service (daemon crash) via a ‘LIST “” “Other Users”’ command.
Related
cvelist
cvelist
CVE-2017-14230
2017-09-10 07:00:00
openvas
openvas
Fedora Update for cyrus-imapd FEDORA-2017-e4609f71f6
2017-09-16 00:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: cyrus-imapd-3.0.4-1.fc27
2017-09-30 07:27:10
[SECURITY] Fedora 26 Update: cyrus-imapd-3.0.4-1.fc26
2017-09-15 22:25:23
osv
osv
CVE-2017-14230
2017-09-10 07:29:00
nessus
nessus
Fedora 26 : cyrus-imapd (2017-e4609f71f6)
2017-09-18 00:00:00
Fedora 27 : cyrus-imapd (2017-689e9b1af5)
2018-01-15 00:00:00
debiancve
debiancve
CVE-2017-14230
2017-09-10 07:29:00
ubuntucve
ubuntucve
CVE-2017-14230
2017-09-10 00:00:00
nvd
nvd
CVE-2017-14230
2017-09-10 07:29:00
freebsd
freebsd
cyrus-imapd -- broken "other users" behaviour
2017-09-07 00:00:00
cve
cve
CVE-2017-14230
2017-09-10 07:29:00
prion
prion
Command injection
2017-09-10 07:29:00