cyrus-imapd is vulnerable to authentication bypass. The vulnerability is allows a remote user able to use the nntpd service could use this flaw to read or post newsgroup messages on an NNTP server configured to require user authentication, without providing valid authentication credentials.
cyrusimap.org/mediawiki/index.php/Latest_Updates
git.cyrusimap.org/cyrus-imapd/commit/?id=77903669e04c9788460561dd0560b9c916519594
secunia.com/advisories/46093
secunia.com/secunia_research/2011-68
securitytracker.com/id?1026363
www.debian.org/security/2011/dsa-2318
www.mandriva.com/security/advisories?name=MDVSA-2011:149
www.redhat.com/support/errata/RHSA-2011-1508.html
access.redhat.com/errata/RHSA-2011:1508
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=740822