Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> SuSE Local Security Checks >> SUSE-SA:2004:043: cyrus-imapd


Vulnerability Assessment Details

SUSE-SA:2004:043: cyrus-imapd

Vulnerability Assessment Summary
Check for the version of the cyrus-imapd package

Detailed Explanation for this Vulnerability Assessment

The remote host is missing the patch for the advisory SUSE-SA:2004:043 (cyrus-imapd).


Stefan Esser reported various bugs within the Cyrus IMAP Server.
These include buffer overflows and out-of-bounds memory access
which could permit remote attackers to execute arbitrary commands
as root. The bugs occur in the pre-authentication phase, therefore
an update is strongly recommended.



Solution : http://www.suse.de/security/2004_43_cyrus_imapd.html
Network Security Threat Level: Medium

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security

Cables, Connectors

Kingston HyperX Impact Black 4GB 1600MHz DDR3L CL9 SODIMM 1.35V Laptop Memory (H
$50.2
Kingston HyperX Impact Black 4GB 1600MHz DDR3L CL9 SODIMM 1.35V Laptop Memory (H pictureHynix 16GB DDR3 PC3-12800R-11-12-E2 Server RAM HMT42GR7MFR4C-PB
$29.69
Hynix 16GB DDR3 PC3-12800R-11-12-E2 Server RAM HMT42GR7MFR4C-PB  picture8GB 2pcs 4GB Hynix DDR2 667MHZ PC2-5300P 2RX4 ECC FB-DIMM Server Memory RAM CL5
$9.74
8GB 2pcs 4GB Hynix DDR2 667MHZ PC2-5300P 2RX4 ECC FB-DIMM Server Memory RAM CL5 pictureNEW Crucial BLS2K16G4S240FSD Ballistix Sport LT 32GB 2 x 16 GB DDR4 SDRAM Memory
$272.95
NEW Crucial BLS2K16G4S240FSD Ballistix Sport LT 32GB 2 x 16 GB DDR4 SDRAM Memory picture


Discussions

No Discussions have been posted on this vulnerability.