Off-by-one Error in Cyrus IMAP's mboxlist_do_find Function Allows Information Disclosure or Denial of Service

Off-by-one Error in Cyrus IMAP's mboxlist_do_find Function Allows Information Disclosure or Denial of Service

CVE-2017-14230 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:P

In the mboxlist_do_find function in imap/mboxlist.c in Cyrus IMAP before 3.0.4, an off-by-one error in prefix calculation for the LIST command caused use of uninitialized memory, which might allow remote attackers to obtain sensitive information or cause a denial of service (daemon crash) via a 'LIST "" "Other Users"' command.

Learn more about our User Device Pen Test.