Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In the mboxlist_do_find function in imap/mboxlist.c in Cyrus IMAP before 3.0.4, an off-by-one error in prefix calculation for the LIST command caused use of uninitialized memory, which might allow remote attackers to obtain sensitive information or cause a denial of service (daemon crash) via a 'LIST "" "Other Users"' command.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cyrus IMAP 安全漏洞
Vulnerability Description
Cyrus IMAP是一款免费、开源的基于Unix和Linux操作系统用于支持IMAP(Interactive Mail Access Protocol)协议的邮件服务器。 Cyrus IMAP 3.0.4之前的版本中的imap/mboxlist.c文件的‘mboxlist_do_find’函数存在安全漏洞。远程攻击者可利用该漏洞获取敏感信息或造成拒绝服务(守护进程崩溃)。
CVSS Information
N/A
Vulnerability Type
N/A