Test ID: | 1.3.6.1.4.1.25623.1.0.51388 |
Category: | Conectiva Local Security Checks |
Title: | Conectiva Security Advisory CLA-2004:904 |
Summary: | NOSUMMARY |
Description: |
The remote host is missing updates announced in advisory CLA-2004:904.

cyrus-imapd[1] is an IMAP and POP3 mail server with several advanced features such as SASL authentication, server-side mail filtering, mailbox ACLs and others.

Stefan Esser from e-matters security recently published[2] several vulnerabilities in cyrus-imapd (if not mentioned otherwise, all vulnerabilities affect both Conectiva Linux 9 and 10):

1. imapmagicplus buffer overflow (CVE-2004-1011)[3]
   If the imapmagicplus option is enabled in the server's configuration file, then the LOGIN and PROXY commands can be abused to cause a buffer overflow, allowing remote unauthenticated attackers to execute arbitrary code as the cyrus user. Later on it has been found that the proxyd service also suffered[6] (CVE-2004-1015) from the same problem. Conectiva Linux 9 is not affected by these vulnerabilities.

2. PARTIAL command vulnerability (CVE-2004-1012)[4]
   The PARTIAL command parser has a vulnerability which would allow authenticated users to cause a memory corruption and possibly execute arbitrary code as the cyrus user.

3. FETCH command vulnerability (CVE-2004-1013)[5]
   The FETCH command parser has a vulnerability which would allow authenticated users to cause a memory corruption and possibly execute arbitrary code as the cyrus user.

All these vulnerabilities have been fixed upstream with new versions of cyrus-imapd: 2.2.10 for the 2.2.x branch and 2.1.17 for the 2.1.x branch.

Below are additional changes in our RPM packages:

- for CL10: SNMP support has been removed. It needs a newer net-snmp library than the one that is currently being shipped
- for CL10: the script which attempts to convert the imapd.conf configuration file from 2.1.x to the 2.2.x format has been fixed. Previously it would mangle TLS directives
- for CL9: the init script has been fixed to allow GSSAPI authentication and also to restart the server if it was already running
- for CL9: the cyrus-imapd package now explicitly conflicts with uw-imap-server and uw-pop-server.

Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade'

http://www.securityspace.com/smysecure/catid.html?in=CLA-2004:904
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002004

Risk factor: Critical
CVSS Score: 10.0 |
Cross-reference: |
Common Vulnerability Exposure (CVE) ID: CVE-2004-1011
Bugtraq: 20041122 Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities (Google Search)
http://marc.info/?l=bugtraq&m=110123023521619&w=2
http://security.gentoo.org/glsa/glsa-200411-34.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2004:139
http://security.e-matters.de/advisories/152004.html
http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce&msg=143
http://secunia.com/advisories/13274/
XForce ISS Database: cyrus-imap-username-bo(18198)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18198

Common Vulnerability Exposure (CVE) ID: CVE-2004-1015
http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce&msg=145
XForce ISS Database: cyrus-magic-plus-bo(18274)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18274

Common Vulnerability Exposure (CVE) ID: CVE-2004-1012
Debian Security Information: DSA-597 (Google Search)
http://www.debian.org/security/2004/dsa-597
https://www.ubuntu.com/usn/usn-31-1/
XForce ISS Database: cyrus-imap-commands-execute-code(18199)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18199

Common Vulnerability Exposure (CVE) ID: CVE-2004-1013 |
Copyright | Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com |