Vulnerability Name:

CVE-2011-3481 (CCN-69842)

Assigned:2005-12-17
Published:2005-12-17
Updated:2018-10-30
Summary:The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
4.3 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-Other
CWE-476
Vulnerability Consequences:Denial of Service
References:Source: CCN
Type: Cyrus IMAP Web site
Cyrus IMAP Server

Source: CCN
Type: Cyrus Bugzilla 2772
cmd_thread cores with bogus ids in references header

Source: CONFIRM
Type: UNKNOWN
http://bugzilla.cyrusimap.org/show_bug.cgi?id=2772

Source: CCN
Type: Cyrus Bugzilla 3463
Certain mails will crash imapd if using server side threading

Source: CONFIRM
Type: UNKNOWN
http://bugzilla.cyrusimap.org/show_bug.cgi?id=3463

Source: MITRE
Type: CNA
CVE-2011-3481

Source: CONFIRM
Type: Patch
http://git.cyrusimap.org/cyrus-imapd/commit/?id=6e776956a1a9dfa58eacdd0ddd52644009eac9e5

Source: CCN
Type: RHSA-2011-1508
Moderate: cyrus-imapd security update

Source: DEBIAN
Type: DSA-2377
cyrus-imapd-2.2 -- NULL pointer dereference

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2012:037

Source: CCN
Type: OSVDB ID: 75445
Cyrus IMAP Server imapd index.c index_get_ids Function References Header NULL Dereference Remote DoS

Source: REDHAT
Type: UNKNOWN
RHSA-2011:1508

Source: CCN
Type: BID-49659
Cyrus IMAP Server 'index_get_ids()' NULL Pointer Dereference Denial Of Service Vulnerability

Source: XF
Type: UNKNOWN
cyrus-imap-indexgetids-dos(69842)

Source: XF
Type: UNKNOWN
cyrus-imap-indexgetids-dos(69842)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:cmu:cyrus_imap_server:2.0.17:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.1.16:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.1.17:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.1.18:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.2.8:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.2.9:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.2.10:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.2.11:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.2.12:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.2.13:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.2.13p1:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.5:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.6:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.7:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.8:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.9:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.10:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.11:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.12:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.13:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.14:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.15:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.16:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.17:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.4.4:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.4.5:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.4.7:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.4.8:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.4.9:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:*:*:*:*:*:*:*:* (Version <= 2.4.10)

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

    • Configuration RedHat 10:
  • cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:cmu:cyrus_imap_server:2.3.14:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.15:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.3.16:*:*:*:*:*:*:*
  • OR cpe:/a:cmu:cyrus_imap_server:2.4.10:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6:*:server:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6:*:workstation:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_server_eus:6.1.z:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20113481
    V
    		CVE-2011-3481
    2022-05-20
    oval:org.opensuse.security:def:32223
    P
    		Security update for postgresql, postgresql13, postgresql14 (Important)
    2021-11-20
    oval:org.opensuse.security:def:33039
    P
    		Security update for binutils (Moderate)
    2021-11-09
    oval:org.opensuse.security:def:32212
    P
    		Security update for binutils (Moderate)
    2021-11-02
    oval:org.opensuse.security:def:32211
    P
    		Security update for transfig (Important)
    2021-10-29
    oval:org.opensuse.security:def:32995
    P
    		Security update for file (Important)
    2021-09-02
    oval:org.opensuse.security:def:32972
    P
    		Security update for webkit2gtk3 (Important)
    2021-08-03
    oval:org.opensuse.security:def:33677
    P
    		Security update for libnettle (Important)
    2021-06-23
    oval:org.opensuse.security:def:32933
    P
    		Security update for libwebp (Critical)
    2021-06-02
    oval:org.opensuse.security:def:28946
    P
    		Security update for grub2 (Important)
    2021-03-02
    oval:org.opensuse.security:def:28929
    P
    		Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP2) (Important)
    2021-02-10
    oval:org.opensuse.security:def:33716
    P
    		Security update for tomcat (Moderate)
    2021-01-05
    oval:org.opensuse.security:def:28551
    P
    		Security update for Mozilla Firefox
    2020-12-01
    oval:org.opensuse.security:def:29664
    P
    		Security update for cyrus-imapd
    2020-12-01
    oval:org.opensuse.security:def:28787
    P
    		Security update for Mozilla NSS
    2020-12-01
    oval:org.opensuse.security:def:32433
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:28202
    P
    		Security update for libid3tag (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28890
    P
    		Security update for dhcp (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32584
    P
    		ntp on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28279
    P
    		Security update for mysql (Important)
    2020-12-01
    oval:org.opensuse.security:def:32827
    P
    		apache2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28494
    P
    		Security update for openssl1
    2020-12-01
    oval:org.opensuse.security:def:29628
    P
    		Security update for cairo (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28635
    P
    		Security update for augeas (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32299
    P
    		Security update for python (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28201
    P
    		Recommended update for libical (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28841
    P
    		Security update for vino
    2020-12-01
    oval:org.opensuse.security:def:32527
    P
    		gtk2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28213
    P
    		Security update for libpng12-0 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32671
    P
    		ghostscript-fonts-other on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28409
    P
    		Security update for tidy (Low)
    2020-12-01
    oval:org.opensuse.security:def:28990
    P
    		Security update for xen (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32884
    P
    		ipsec-tools on GA media (Moderate)
    2020-12-01
    oval:org.mitre.oval:def:14883
    P
    		DSA-2377-1 cyrus-imapd-2.2 -- NULL pointer dereference
    2014-06-23
    oval:org.mitre.oval:def:23438
    P
    		ELSA-2011:1508: cyrus-imapd security update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:22075
    P
    		RHSA-2011:1508: cyrus-imapd security update (Moderate)
    2014-02-24
    oval:com.redhat.rhsa:def:20111508
    P
    		RHSA-2011:1508: cyrus-imapd security update (Moderate)
    2011-12-01
    oval:com.ubuntu.xenial:def:201134810000000
    V
    		CVE-2011-3481 on Ubuntu 16.04 LTS (xenial) - low.
    2011-09-14
    oval:com.ubuntu.precise:def:20113481000
    V
    		CVE-2011-3481 on Ubuntu 12.04 LTS (precise) - low.
    2011-09-14
    oval:com.ubuntu.trusty:def:20113481000
    V
    		CVE-2011-3481 on Ubuntu 14.04 LTS (trusty) - low.
    2011-09-14
    oval:com.ubuntu.xenial:def:20113481000
    V
    		CVE-2011-3481 on Ubuntu 16.04 LTS (xenial) - low.
    2011-09-14
    BACK
    cmu cyrus imap server 2.0.17
    cmu cyrus imap server 2.1.16
    cmu cyrus imap server 2.1.17
    cmu cyrus imap server 2.1.18
    cmu cyrus imap server 2.2.8
    cmu cyrus imap server 2.2.9
    cmu cyrus imap server 2.2.10
    cmu cyrus imap server 2.2.11
    cmu cyrus imap server 2.2.12
    cmu cyrus imap server 2.2.13
    cmu cyrus imap server 2.2.13p1
    cmu cyrus imap server 2.3.0
    cmu cyrus imap server 2.3.1
    cmu cyrus imap server 2.3.2
    cmu cyrus imap server 2.3.3
    cmu cyrus imap server 2.3.4
    cmu cyrus imap server 2.3.5
    cmu cyrus imap server 2.3.6
    cmu cyrus imap server 2.3.7
    cmu cyrus imap server 2.3.8
    cmu cyrus imap server 2.3.9
    cmu cyrus imap server 2.3.10
    cmu cyrus imap server 2.3.11
    cmu cyrus imap server 2.3.12
    cmu cyrus imap server 2.3.13
    cmu cyrus imap server 2.3.14
    cmu cyrus imap server 2.3.15
    cmu cyrus imap server 2.3.16
    cmu cyrus imap server 2.3.17
    cmu cyrus imap server 2.4.0
    cmu cyrus imap server 2.4.1
    cmu cyrus imap server 2.4.2
    cmu cyrus imap server 2.4.3
    cmu cyrus imap server 2.4.4
    cmu cyrus imap server 2.4.5
    cmu cyrus imap server 2.4.6
    cmu cyrus imap server 2.4.7
    cmu cyrus imap server 2.4.8
    cmu cyrus imap server 2.4.9
    cmu cyrus imap server *
    cmu cyrus imap server 2.3.14
    cmu cyrus imap server 2.3.15
    cmu cyrus imap server 2.3.16
    cmu cyrus imap server 2.4.10
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 5
    redhat enterprise linux 5
    redhat enterprise linux 6
    redhat enterprise linux 6
    redhat enterprise linux server eus 6.1.z