Test Kennung:	1.3.6.1.4.1.25623.1.0.62965
Kategorie:	Gentoo Local Security Checks
Titel:	Gentoo Security Advisory GLSA 200812-16 (dovecot)
Zusammenfassung:	The remote host is missing updates announced in;advisory GLSA 200812-16.
Beschreibung:	Summary: The remote host is missing updates announced in advisory GLSA 200812-16. Vulnerability Insight: Multiple vulnerabilities were found in the Dovecot mailserver. Solution: All Dovecot users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-mail/dovecot-1.1.7-r1' Users should be aware that dovecot.conf will still be world-readable after the update. If employing ssl_key_password, it should not be used in dovecot.conf but in a separate file which should be included with 'include_try'. CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4577 31587 http://www.securityfocus.com/bid/31587 32164 http://secunia.com/advisories/32164 32471 http://secunia.com/advisories/32471 33149 http://secunia.com/advisories/33149 33624 http://secunia.com/advisories/33624 36904 http://secunia.com/advisories/36904 ADV-2008-2745 http://www.vupen.com/english/advisories/2008/2745 FEDORA-2008-9202 https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00816.html FEDORA-2008-9232 https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00844.html GLSA-200812-16 http://security.gentoo.org/glsa/glsa-200812-16.xml MDVSA-2008:232 http://www.mandriva.com/security/advisories?name=MDVSA-2008:232 RHSA-2009:0205 http://www.redhat.com/support/errata/RHSA-2009-0205.html SUSE-SR:2009:004 http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html USN-838-1 http://www.ubuntu.com/usn/USN-838-1 [Dovecot-news] 20081005 v1.1.4 released http://www.dovecot.org/list/dovecot-news/2008-October/000085.html http://bugs.gentoo.org/show_bug.cgi?id=240409 oval:org.mitre.oval:def:10376 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10376 Common Vulnerability Exposure (CVE) ID: CVE-2008-4578 20081119 Re: [ MDVSA-2008:232 ] dovecot http://www.securityfocus.com/archive/1/498498/100/0/threaded dovecot-acl-mailbox-security-bypass(45669) https://exchange.xforce.ibmcloud.com/vulnerabilities/45669 Common Vulnerability Exposure (CVE) ID: CVE-2008-4870 http://www.openwall.com/lists/oss-security/2008/10/29/10 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10776 XForce ISS Database: dovecot-dovecot-information-disclosure(46323) https://exchange.xforce.ibmcloud.com/vulnerabilities/46323 Common Vulnerability Exposure (CVE) ID: CVE-2008-4907 BugTraq ID: 31997 http://www.securityfocus.com/bid/31997 http://www.dovecot.org/list/dovecot-news/2008-October/000089.html http://secunia.com/advisories/32479 http://secunia.com/advisories/32677 http://www.ubuntu.com/usn/usn-666-1 XForce ISS Database: dovecot-mail-header-dos(46227) https://exchange.xforce.ibmcloud.com/vulnerabilities/46227
Copyright	Copyright (C) 2008 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.