Authentication Bypass Vulnerability in Cyrus IMAPd NNTP Server

Authentication Bypass Vulnerability in Cyrus IMAPd NNTP Server

CVE-2011-3372 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command.

Learn more about our Cis Benchmark Audit For Server Software.