PT-2021-6543 · Unknown+7 · Cyrus Imap+7

Published

2021-09-01

Updated

2025-08-26

CVE-2021-33582

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Cyrus IMAP versions prior to 3.0.16 Cyrus IMAP versions prior to 3.2.8 Cyrus IMAP versions prior to 3.4.2

Description The issue allows remote attackers to cause a denial of service, resulting in a multiple-minute daemon hang. This occurs due to input being mishandled during hash-table interaction, where many insertions into a single bucket cause the strcmp function to become slow.

Recommendations For versions prior to 3.0.16, update to version 3.0.16 or later. For versions prior to 3.2.8, update to version 3.2.8 or later. For versions prior to 3.4.2, update to version 3.4.2 or later.

Fix

DoS

Use of a Broken Cryptographic Algorithm

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-407CWE-327

Related Identifiers

ALT-PU-2021-2724

ALT-PU-2021-2731

ALT-PU-2021-2758

ALT-PU-2025-6164

BDU:2022-01804

CESA-2021_3492

CVE-2021-33582

DLA-3052-1

MGASA-2022-0247

OPENSUSE-SU-2024:11901-1

RHSA-2021:3492

RHSA-2021:3493

RHSA-2021:3546

RHSA-2021_3492

RLSA-2021:3492

USN-7224-1

Affected Products

Alt Linux

Centos

Cyrus Imap

Linuxmint

Red Hat

Red Os

Rocky Linux

Ubuntu

PT-2021-6543 · Unknown+7 · Cyrus Imap+7

CVE-2021-33582

Weakness Enumeration

Related Identifiers

Affected Products

References · 48