FreeBSD Local Security Checks : FreeBSD Ports: dovecot

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.70259

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: dovecot

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following package is affected: dovecot

CVE-2011-1929
lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and
2.0.x before 2.0.13 does not properly handle '\0' characters in header
names, which allows remote attackers to cause a denial of service
(daemon crash or mailbox corruption) via a crafted e-mail message.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-1929
44683
http://secunia.com/advisories/44683
44712
http://secunia.com/advisories/44712
44756
http://secunia.com/advisories/44756
44771
http://secunia.com/advisories/44771
44827
http://secunia.com/advisories/44827
47930
http://www.securityfocus.com/bid/47930
72495
http://osvdb.org/72495
DSA-2252
http://www.debian.org/security/2011/dsa-2252
FEDORA-2011-7258
http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060815.html
FEDORA-2011-7268
http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060825.html
FEDORA-2011-7612
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061384.html
MDVSA-2011:101
http://www.mandriva.com/security/advisories?name=MDVSA-2011:101
RHSA-2011:1187
http://www.redhat.com/support/errata/RHSA-2011-1187.html
USN-1143-1
http://www.ubuntu.com/usn/USN-1143-1
[dovecot] 20110511 v1.2.17 released
http://dovecot.org/pipermail/dovecot/2011-May/059086.html
[dovecot] 20110511 v2.0.13 released
http://dovecot.org/pipermail/dovecot/2011-May/059085.html
[oss-security] 20110518 Dovecot releases
http://openwall.com/lists/oss-security/2011/05/18/4
[oss-security] 20110519 Re: Dovecot releases
http://openwall.com/lists/oss-security/2011/05/19/3
http://openwall.com/lists/oss-security/2011/05/19/6
dovecot-header-name-dos(67589)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67589
http://hg.dovecot.org/dovecot-1.1/rev/3698dfe0f21c
http://www.dovecot.org/doc/NEWS-1.2
http://www.dovecot.org/doc/NEWS-2.0
https://bugzilla.redhat.com/show_bug.cgi?id=706286
openSUSE-SU-2011:0540
https://hermes.opensuse.org/messages/8581790

Copyright Copyright (C) 2011 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.70259
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: dovecot
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: dovecot CVE-2011-1929 lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1929 44683 http://secunia.com/advisories/44683 44712 http://secunia.com/advisories/44712 44756 http://secunia.com/advisories/44756 44771 http://secunia.com/advisories/44771 44827 http://secunia.com/advisories/44827 47930 http://www.securityfocus.com/bid/47930 72495 http://osvdb.org/72495 DSA-2252 http://www.debian.org/security/2011/dsa-2252 FEDORA-2011-7258 http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060815.html FEDORA-2011-7268 http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060825.html FEDORA-2011-7612 http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061384.html MDVSA-2011:101 http://www.mandriva.com/security/advisories?name=MDVSA-2011:101 RHSA-2011:1187 http://www.redhat.com/support/errata/RHSA-2011-1187.html USN-1143-1 http://www.ubuntu.com/usn/USN-1143-1 [dovecot] 20110511 v1.2.17 released http://dovecot.org/pipermail/dovecot/2011-May/059086.html [dovecot] 20110511 v2.0.13 released http://dovecot.org/pipermail/dovecot/2011-May/059085.html [oss-security] 20110518 Dovecot releases http://openwall.com/lists/oss-security/2011/05/18/4 [oss-security] 20110519 Re: Dovecot releases http://openwall.com/lists/oss-security/2011/05/19/3 http://openwall.com/lists/oss-security/2011/05/19/6 dovecot-header-name-dos(67589) https://exchange.xforce.ibmcloud.com/vulnerabilities/67589 http://hg.dovecot.org/dovecot-1.1/rev/3698dfe0f21c http://www.dovecot.org/doc/NEWS-1.2 http://www.dovecot.org/doc/NEWS-2.0 https://bugzilla.redhat.com/show_bug.cgi?id=706286 openSUSE-SU-2011:0540 https://hermes.opensuse.org/messages/8581790
Copyright	Copyright (C) 2011 E-Soft Inc.