ID de Prueba:	1.3.6.1.4.1.25623.1.0.62965
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200812-16 (dovecot)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200812-16.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200812-16. Vulnerability Insight: Multiple vulnerabilities were found in the Dovecot mailserver. Solution: All Dovecot users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-mail/dovecot-1.1.7-r1' Users should be aware that dovecot.conf will still be world-readable after the update. If employing ssl_key_password, it should not be used in dovecot.conf but in a separate file which should be included with 'include_try'. CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4577 31587 http://www.securityfocus.com/bid/31587 32164 http://secunia.com/advisories/32164 32471 http://secunia.com/advisories/32471 33149 http://secunia.com/advisories/33149 33624 http://secunia.com/advisories/33624 36904 http://secunia.com/advisories/36904 ADV-2008-2745 http://www.vupen.com/english/advisories/2008/2745 FEDORA-2008-9202 https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00816.html FEDORA-2008-9232 https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00844.html GLSA-200812-16 http://security.gentoo.org/glsa/glsa-200812-16.xml MDVSA-2008:232 http://www.mandriva.com/security/advisories?name=MDVSA-2008:232 RHSA-2009:0205 http://www.redhat.com/support/errata/RHSA-2009-0205.html SUSE-SR:2009:004 http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html USN-838-1 http://www.ubuntu.com/usn/USN-838-1 [Dovecot-news] 20081005 v1.1.4 released http://www.dovecot.org/list/dovecot-news/2008-October/000085.html http://bugs.gentoo.org/show_bug.cgi?id=240409 oval:org.mitre.oval:def:10376 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10376 Common Vulnerability Exposure (CVE) ID: CVE-2008-4578 20081119 Re: [ MDVSA-2008:232 ] dovecot http://www.securityfocus.com/archive/1/498498/100/0/threaded dovecot-acl-mailbox-security-bypass(45669) https://exchange.xforce.ibmcloud.com/vulnerabilities/45669 Common Vulnerability Exposure (CVE) ID: CVE-2008-4870 http://www.openwall.com/lists/oss-security/2008/10/29/10 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10776 XForce ISS Database: dovecot-dovecot-information-disclosure(46323) https://exchange.xforce.ibmcloud.com/vulnerabilities/46323 Common Vulnerability Exposure (CVE) ID: CVE-2008-4907 BugTraq ID: 31997 http://www.securityfocus.com/bid/31997 http://www.dovecot.org/list/dovecot-news/2008-October/000089.html http://secunia.com/advisories/32479 http://secunia.com/advisories/32677 http://www.ubuntu.com/usn/usn-666-1 XForce ISS Database: dovecot-mail-header-dos(46227) https://exchange.xforce.ibmcloud.com/vulnerabilities/46227
Copyright	Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.