Vulnerability Name:

CVE-2011-3208 (CCN-69679)

Assigned:2011-09-08
Published:2011-09-08
Updated:2018-10-30
Summary:Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
5.1 Medium (REDHAT CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
3.8 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Access
References:Source: MLIST
Type: UNKNOWN
[cyrus-announce] 20110908 Cyrus 2.3.17 Released

Source: CCN
Type: archive.cyrus-announce - 86
Cyrus 2.4.11 Released

Source: MLIST
Type: UNKNOWN
[cyrus-announce] 20110908 Cyrus 2.4.11 Released

Source: CCN
Type: Cyrus IMAP Web site
Cyrus IMAP Server

Source: MITRE
Type: CNA
CVE-2011-3208

Source: CONFIRM
Type: Patch
http://git.cyrusimap.org/cyrus-imapd/commit/?id=0f8f026699829b65733c3081657b24e2174f4f4d

Source: CONFIRM
Type: Patch
http://git.cyrusimap.org/cyrus-imapd/commit/?id=3244c18c928fa331f6927e2b8146abe90feafddd

Source: CCN
Type: Kolab Mailing List, Wed Sep 14 14:35:07 CEST 2011
Announcing the Kolab Server 2.3.3

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2011:1036

Source: CCN
Type: RHSA-2011-1317
Important: cyrus-imapd security update

Source: CCN
Type: SA45938
Cyrus IMAPd "split_wildmats()" Buffer Overflow Vulnerability

Source: SECUNIA
Type: Vendor Advisory
45938

Source: SECUNIA
Type: Vendor Advisory
45975

Source: CCN
Type: SA45977
Kolab Server Multiple vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
46064

Source: SECTRACK
Type: UNKNOWN
1026031

Source: DEBIAN
Type: UNKNOWN
DSA-2318

Source: DEBIAN
Type: DSA-2318
cyrus-imapd-2.2 -- multiple vulnerabilities

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2011:149

Source: OSVDB
Type: UNKNOWN
75307

Source: CCN
Type: OSVDB ID: 75307
Cyrus IMAP Server map/nntpd.c split_wildmats() Function NNTP Command Parsing Remote Overflow

Source: REDHAT
Type: UNKNOWN
RHSA-2011:1317

Source: BID
Type: UNKNOWN
49534

Source: CCN
Type: BID-49534
Cyrus IMAP Server 'split_wildmats()' Remote Buffer Overflow Vulnerability

Source: CONFIRM
Type: Patch
https://bugzilla.redhat.com/show_bug.cgi?id=734926

Source: XF
Type: UNKNOWN
cyrus-splitwildmats-bo(69679)

Source: XF
Type: UNKNOWN
cyrus-splitwildmats-bo(69679)

Source: SUSE
Type: UNKNOWN
SUSE-SU-2011:1034

Vulnerable Configuration:Configuration 1:
  • cpe:/a:cmu:cyrus_imap_server:2.0.17:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.1.16:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.1.17:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.1.18:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.2.8:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.2.9:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.2.10:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.2.11:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.2.12:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.2.13:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.2.13p1:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.2.14:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.5:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.6:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.7:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.8:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.9:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.10:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.11:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.12:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.13:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.14:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.15:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:*:*:*:*:*:*:*:* (Version <= 2.3.16)

    • Configuration 2:
  • cpe:/a:cmu:cyrus_imap_server:2.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.4.4:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.4.5:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.4.7:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.4.8:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.4.9:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.4.10:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

    • Configuration RedHat 10:
  • cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:cmu:cyrus_imap_server:2.3.14:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.15:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.16:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.4.10:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6:*:server:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6:*:workstation:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_server_eus:6.1.z:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20113208
    V
    		CVE-2011-3208
    2022-05-20
    oval:org.mitre.oval:def:15322
    P
    		DSA-2318-1 cyrus-imapd-2.2 -- multiple
    2014-06-23
    oval:org.mitre.oval:def:23750
    P
    		ELSA-2011:1317: cyrus-imapd security update (Important)
    2014-05-26
    oval:org.mitre.oval:def:22016
    P
    		RHSA-2011:1317: cyrus-imapd security update (Important)
    2014-02-24
    oval:com.redhat.rhsa:def:20111317
    P
    		RHSA-2011:1317: cyrus-imapd security update (Important)
    2011-09-19
    oval:com.ubuntu.xenial:def:201132080000000
    V
    		CVE-2011-3208 on Ubuntu 16.04 LTS (xenial) - medium.
    2011-09-14
    oval:com.ubuntu.precise:def:20113208000
    V
    		CVE-2011-3208 on Ubuntu 12.04 LTS (precise) - medium.
    2011-09-14
    oval:com.ubuntu.trusty:def:20113208000
    V
    		CVE-2011-3208 on Ubuntu 14.04 LTS (trusty) - medium.
    2011-09-14
    oval:com.ubuntu.xenial:def:20113208000
    V
    		CVE-2011-3208 on Ubuntu 16.04 LTS (xenial) - medium.
    2011-09-14
    BACK
    cmu cyrus imap server 2.0.17
    cmu cyrus imap server 2.1.16
    cmu cyrus imap server 2.1.17
    cmu cyrus imap server 2.1.18
    cmu cyrus imap server 2.2.8
    cmu cyrus imap server 2.2.9
    cmu cyrus imap server 2.2.10
    cmu cyrus imap server 2.2.11
    cmu cyrus imap server 2.2.12
    cmu cyrus imap server 2.2.13
    cmu cyrus imap server 2.2.13p1
    cmu cyrus imap server 2.2.14
    cmu cyrus imap server 2.3.0
    cmu cyrus imap server 2.3.1
    cmu cyrus imap server 2.3.2
    cmu cyrus imap server 2.3.3
    cmu cyrus imap server 2.3.4
    cmu cyrus imap server 2.3.5
    cmu cyrus imap server 2.3.6
    cmu cyrus imap server 2.3.7
    cmu cyrus imap server 2.3.8
    cmu cyrus imap server 2.3.9
    cmu cyrus imap server 2.3.10
    cmu cyrus imap server 2.3.11
    cmu cyrus imap server 2.3.12
    cmu cyrus imap server 2.3.13
    cmu cyrus imap server 2.3.14
    cmu cyrus imap server 2.3.15
    cmu cyrus imap server *
    cmu cyrus imap server 2.4.0
    cmu cyrus imap server 2.4.1
    cmu cyrus imap server 2.4.2
    cmu cyrus imap server 2.4.3
    cmu cyrus imap server 2.4.4
    cmu cyrus imap server 2.4.5
    cmu cyrus imap server 2.4.6
    cmu cyrus imap server 2.4.7
    cmu cyrus imap server 2.4.8
    cmu cyrus imap server 2.4.9
    cmu cyrus imap server 2.4.10
    cmu cyrus imap server 2.3.14
    cmu cyrus imap server 2.3.15
    cmu cyrus imap server 2.3.16
    cmu cyrus imap server 2.4.10
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 5
    redhat enterprise linux 5
    redhat enterprise linux 6
    redhat enterprise linux 6
    redhat enterprise linux server eus 6.1.z