ID de Prueba:	1.3.6.1.4.1.25623.1.0.55925
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2005:850
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2005:850. The imap package provides server daemons for both the IMAP (Internet Message Access Protocol) and POP (Post Office Protocol) mail access protocols. A buffer overflow flaw was discovered in the way the c-client library parses user supplied mailboxes. If an authenticated user requests a specially crafted mailbox name, it may be possible to execute arbitrary code on a server that uses the library. The Common Vulnerabilities and Exposures project has assigned the name CVE-2005-2933 to this issue. All users of imap should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2005-850.html Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	BugTraq ID: 15009 Common Vulnerability Exposure (CVE) ID: CVE-2005-2933 http://www.securityfocus.com/bid/15009 CERT/CC vulnerability note: VU#933601 http://www.kb.cert.org/vuls/id/933601 Debian Security Information: DSA-861 (Google Search) http://www.debian.org/security/2005/dsa-861 http://www.securityfocus.com/archive/1/430296/100/0/threaded http://www.securityfocus.com/archive/1/430303/100/0/threaded http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0081.html http://www.gentoo.org/security/en/glsa/glsa-200510-10.xml http://www.idefense.com/application/poi/display?id=313&type=vulnerabilities&flashstatus=true http://www.mandriva.com/security/advisories?name=MDKSA-2005:189 http://www.mandriva.com/security/advisories?name=MDKSA-2005:194 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9858 http://www.redhat.com/support/errata/RHSA-2005-848.html http://www.redhat.com/support/errata/RHSA-2005-850.html RedHat Security Advisories: RHSA-2006:0276 http://rhn.redhat.com/errata/RHSA-2006-0276.html http://www.redhat.com/support/errata/RHSA-2006-0501.html RedHat Security Advisories: RHSA-2006:0549 http://rhn.redhat.com/errata/RHSA-2006-0549.html http://securitytracker.com/id?1015000 http://secunia.com/advisories/17062/ http://secunia.com/advisories/17148 http://secunia.com/advisories/17152 http://secunia.com/advisories/17215 http://secunia.com/advisories/17276 http://secunia.com/advisories/17336 http://secunia.com/advisories/17483 http://secunia.com/advisories/17928 http://secunia.com/advisories/17930 http://secunia.com/advisories/17950 http://secunia.com/advisories/18554 http://secunia.com/advisories/19832 http://secunia.com/advisories/20210 http://secunia.com/advisories/20222 http://secunia.com/advisories/20951 http://secunia.com/advisories/21252 http://secunia.com/advisories/21564 SGI Security Advisory: 20051201-01-U ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U SGI Security Advisory: 20060501-01-U ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.500161 http://securityreason.com/securityalert/47 SuSE Security Announcement: SUSE-SR:2005:023 (Google Search) http://www.novell.com/linux/security/advisories/2005_23_sr.html http://www.vupen.com/english/advisories/2006/2685 XForce ISS Database: uw-imap-mailbox-name-bo(22518) https://exchange.xforce.ibmcloud.com/vulnerabilities/22518
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.