Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Fedora Local Security Checks >> Fedora Core 2 2004-489: cyrus-imapd


Vulnerability Assessment Details

Fedora Core 2 2004-489: cyrus-imapd

Vulnerability Assessment Summary
Check for the version of the cyrus-imapd package

Detailed Explanation for this Vulnerability Assessment

The remote host is missing the patch for the advisory FEDORA-2004-489 (cyrus-imapd).

The cyrus-imapd package contains the core of the Cyrus IMAP server.
It is a scaleable enterprise mail system designed for use from
small to large enterprise environments using standards-based
internet mail technologies.

A full Cyrus IMAP implementation permits a seamless mail and bulletin
board environment to be set up across multiple servers. It differs
from
other IMAP server implementations in that it is run on 'sealed'
servers, where users are not normally permitted to log in. The mailbox
database is stored in parts of the filesystem that are private to the
Cyrus IMAP server. All user access to mail is through software using
the IMAP, POP3, or KPOP protocols. TLSv1 and SSL are supported for
security.

Update Information:

Fix several buffer overflow problems that could be used as an exploit.
Fixes the following security advisories:
CVE-2004-1011 CVE-2004-1012 CVE-2004-1013 CVE-2004-1015


Solution : http://www.fedoranews.org/blog/index.php?p=148
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security

Cables, Connectors

Netpatibles 100% Cisco Compatible GLC-T 1000BASE-T SFP Gigabit Interface Convert
$42.15
Netpatibles 100% Cisco Compatible GLC-T 1000BASE-T SFP Gigabit Interface Convert pictureJuniper EX4550-32F-AFO Juniper EX4550 Switch 32-Port 1/10G SFP+
$3995.0
Juniper EX4550-32F-AFO Juniper EX4550 Switch 32-Port 1/10G SFP+  pictureHP 1Gb SFP RJ-45 VirtualConnect 453156-001 453578-001 #180
$14.98
HP 1Gb SFP RJ-45 VirtualConnect 453156-001 453578-001 #180 pictureALLIED TELESIS INC. AT-GS2002/SP-60 10/100/1000BASE-T, SFP STANDALONE BRIDGIN...
$234.22
ALLIED TELESIS INC. AT-GS2002/SP-60 10/100/1000BASE-T, SFP STANDALONE BRIDGIN... picture


Discussions

No Discussions have been posted on this vulnerability.