Test ID:	1.3.6.1.4.1.25623.1.0.831405
Category:	Mandrake Local Security Checks
Title:	Mandriva Update for dovecot MDVSA-2011:101 (dovecot)
Summary:	The remote host is missing an update for the 'dovecot'; package(s) announced via the referenced advisory.
Description:	Summary: The remote host is missing an update for the 'dovecot' package(s) announced via the referenced advisory. Vulnerability Insight: A vulnerability has been identified and fixed in dovecot: lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle NUL characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message (CVE-2011-1929). Packages for 2009.0 are provided as of the Extended Maintenance Program. The updated packages have been patched to correct this issue. Affected Software/OS: dovecot on Mandriva Linux 2009.0, Mandriva Linux 2009.0/X86_64, Mandriva Linux 2010.1, Mandriva Linux 2010.1/X86_64, Mandriva Enterprise Server 5, Mandriva Enterprise Server 5/X86_64 Solution: Please Install the Updated Packages. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1929 44683 http://secunia.com/advisories/44683 44712 http://secunia.com/advisories/44712 44756 http://secunia.com/advisories/44756 44771 http://secunia.com/advisories/44771 44827 http://secunia.com/advisories/44827 47930 http://www.securityfocus.com/bid/47930 72495 http://osvdb.org/72495 DSA-2252 http://www.debian.org/security/2011/dsa-2252 FEDORA-2011-7258 http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060815.html FEDORA-2011-7268 http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060825.html FEDORA-2011-7612 http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061384.html MDVSA-2011:101 http://www.mandriva.com/security/advisories?name=MDVSA-2011:101 RHSA-2011:1187 http://www.redhat.com/support/errata/RHSA-2011-1187.html USN-1143-1 http://www.ubuntu.com/usn/USN-1143-1 [dovecot] 20110511 v1.2.17 released http://dovecot.org/pipermail/dovecot/2011-May/059086.html [dovecot] 20110511 v2.0.13 released http://dovecot.org/pipermail/dovecot/2011-May/059085.html [oss-security] 20110518 Dovecot releases http://openwall.com/lists/oss-security/2011/05/18/4 [oss-security] 20110519 Re: Dovecot releases http://openwall.com/lists/oss-security/2011/05/19/3 http://openwall.com/lists/oss-security/2011/05/19/6 dovecot-header-name-dos(67589) https://exchange.xforce.ibmcloud.com/vulnerabilities/67589 http://hg.dovecot.org/dovecot-1.1/rev/3698dfe0f21c http://www.dovecot.org/doc/NEWS-1.2 http://www.dovecot.org/doc/NEWS-2.0 https://bugzilla.redhat.com/show_bug.cgi?id=706286 openSUSE-SU-2011:0540 https://hermes.opensuse.org/messages/8581790
Copyright	Copyright (C) 2011 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.