CVE-2011-1926

Name	CVE-2011-1926
Description	The STARTTLS implementation in Cyrus IMAP Server before 2.4.7 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
Source	CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DSA-2242-1, DSA-2258-1
Debian Bugs	627081, 629350

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Origin	Debian Bugs
cyrus-imapd-2.2	source	lenny	2.2.13-14+lenny4	DSA-2242-1
cyrus-imapd-2.2	source	squeeze	2.2.13-19+squeeze1	DSA-2242-1
cyrus-imapd-2.2	source	(unstable)	2.2.13p1-11		627081
cyrus-imapd-2.4	source	(unstable)	2.4.7-1
kolab-cyrus-imapd	source	lenny	2.2.13-5+lenny3	DSA-2258-1
kolab-cyrus-imapd	source	squeeze	2.2.13-9.1	DSA-2258-1
kolab-cyrus-imapd	source	(unstable)	2.2.13p1-0.1		629350