ID de Prueba:	1.3.6.1.4.1.25623.1.0.880714
Categoría:	CentOS Local Security Checks
Título:	CentOS Update for imap CESA-2009:0275 centos3 i386
Resumen:	The remote host is missing an update for the 'imap'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'imap' package(s) announced via the referenced advisory. Vulnerability Insight: The imap package provides server daemons for both the IMAP (Internet Message Access Protocol) and POP (Post Office Protocol) mail access protocols. A buffer overflow flaw was discovered in the dmail and tmail mail delivery utilities shipped with imap. If either of these utilities were used as a mail delivery agent, a remote attacker could potentially use this flaw to run arbitrary code as the targeted user by sending a specially-crafted mail message to the victim. (CVE-2008-5005) Users of imap should upgrade to these updated packages, which contain a backported patch to resolve this issue. Affected Software/OS: imap on CentOS 3 Solution: Please install the updated packages. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-5005 BugTraq ID: 32072 http://www.securityfocus.com/bid/32072 Bugtraq: 20081103 Bitsec Security Advisory: UW/Panda IMAP [dt]mail buffer overflow (Google Search) http://www.securityfocus.com/archive/1/498002/100/0/threaded Debian Security Information: DSA-1685 (Google Search) http://www.debian.org/security/2008/dsa-1685 https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00058.html https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00082.html http://marc.info/?l=full-disclosure&m=122572590212610&w=4 http://www.mandriva.com/security/advisories?name=MDVSA-2009:146 http://www.bitsec.com/en/rad/bsa-081103.c http://www.bitsec.com/en/rad/bsa-081103.txt http://www.washington.edu/alpine/tmailbug.html http://mailman2.u.washington.edu/pipermail/imap-uw/2008-October/002267.html http://mailman2.u.washington.edu/pipermail/imap-uw/2008-October/002268.html http://www.openwall.com/lists/oss-security/2008/11/03/3 http://www.openwall.com/lists/oss-security/2008/11/03/4 http://www.openwall.com/lists/oss-security/2008/11/03/5 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10485 RedHat Security Advisories: RHSA-2009:0275 http://rhn.redhat.com/errata/RHSA-2009-0275.html http://securitytracker.com/id?1021131 http://secunia.com/advisories/32483 http://secunia.com/advisories/32512 http://secunia.com/advisories/33142 http://secunia.com/advisories/33996 http://securityreason.com/securityalert/4570 http://www.vupen.com/english/advisories/2008/3042 XForce ISS Database: uwimapd-tmail-bo(46281) https://exchange.xforce.ibmcloud.com/vulnerabilities/46281
Copyright	Copyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.