Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Debian Local Security Checks >> [DSA597] DSA-597-1 cyrus-imapd


Vulnerability Assessment Details

[DSA597] DSA-597-1 cyrus-imapd

Vulnerability Assessment Summary
DSA-597-1 cyrus-imapd

Detailed Explanation for this Vulnerability Assessment

Stefan Esser discovered several security related problems in the Cyrus
IMAP daemon. Due to a bug in the command parser it is possible to
access memory beyond the allocated buffer in two places which could
lead to the execution of arbitrary code.
For the stable distribution (woody) these problems have been fixed in
version 1.5.19-9.2
For the unstable distribution (sid) these problems have been fixed in
version 2.1.17-1.
We recommend that you upgrade your cyrus-imapd package immediately.


Solution : http://www.debian.org/security/2004/dsa-597
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is (C) 2005 Michel Arboi

Cables, Connectors

Dell D785J PowerEdge 2160AS KVM 16 Port Console Switch.Tested.SKU187694
$45.45
Dell D785J PowerEdge 2160AS KVM 16 Port Console Switch.Tested.SKU187694 pictureHP Aruba 3810M 48G PoE+ 1-slot 48-Ports Manageable Switch JL074A
$1463.57
HP Aruba 3810M 48G PoE+ 1-slot 48-Ports Manageable Switch JL074A pictureHP Flexnetwork 5130-48G-4SFP+ 48-Ports EI 1U Rack-mountable Switch JG934A#ABA
$1473.92
HP Flexnetwork 5130-48G-4SFP+ 48-Ports EI 1U Rack-mountable Switch JG934A#ABA pictureUbiquiti Edgeswitch 24-Ports 500Watt Managed PoE+1U Rack-mountable Switch ES-24-
$625.95
Ubiquiti Edgeswitch 24-Ports 500Watt Managed PoE+1U Rack-mountable Switch ES-24- picture


Discussions

No Discussions have been posted on this vulnerability.