Test ID:	1.3.6.1.4.1.25623.1.0.880967
Category:	CentOS Local Security Checks
Title:	CentOS Update for dovecot CESA-2011:1187 centos4 i386
Summary:	The remote host is missing an update for the 'dovecot'; package(s) announced via the referenced advisory.
Description:	Summary: The remote host is missing an update for the 'dovecot' package(s) announced via the referenced advisory. Vulnerability Insight: Dovecot is an IMAP server for Linux, UNIX, and similar operating systems, primarily written with security in mind. A denial of service flaw was found in the way Dovecot handled NULL characters in certain header names. A mail message with specially-crafted headers could cause the Dovecot child process handling the target user's connection to crash, blocking them from downloading the message successfully and possibly leading to the corruption of their mailbox. (CVE-2011-1929) Users of dovecot are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the updated packages, the dovecot service will be restarted automatically. Affected Software/OS: dovecot on CentOS 4 Solution: Please install the updated packages. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1929 44683 http://secunia.com/advisories/44683 44712 http://secunia.com/advisories/44712 44756 http://secunia.com/advisories/44756 44771 http://secunia.com/advisories/44771 44827 http://secunia.com/advisories/44827 47930 http://www.securityfocus.com/bid/47930 72495 http://osvdb.org/72495 DSA-2252 http://www.debian.org/security/2011/dsa-2252 FEDORA-2011-7258 http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060815.html FEDORA-2011-7268 http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060825.html FEDORA-2011-7612 http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061384.html MDVSA-2011:101 http://www.mandriva.com/security/advisories?name=MDVSA-2011:101 RHSA-2011:1187 http://www.redhat.com/support/errata/RHSA-2011-1187.html USN-1143-1 http://www.ubuntu.com/usn/USN-1143-1 [dovecot] 20110511 v1.2.17 released http://dovecot.org/pipermail/dovecot/2011-May/059086.html [dovecot] 20110511 v2.0.13 released http://dovecot.org/pipermail/dovecot/2011-May/059085.html [oss-security] 20110518 Dovecot releases http://openwall.com/lists/oss-security/2011/05/18/4 [oss-security] 20110519 Re: Dovecot releases http://openwall.com/lists/oss-security/2011/05/19/3 http://openwall.com/lists/oss-security/2011/05/19/6 dovecot-header-name-dos(67589) https://exchange.xforce.ibmcloud.com/vulnerabilities/67589 http://hg.dovecot.org/dovecot-1.1/rev/3698dfe0f21c http://www.dovecot.org/doc/NEWS-1.2 http://www.dovecot.org/doc/NEWS-2.0 https://bugzilla.redhat.com/show_bug.cgi?id=706286 openSUSE-SU-2011:0540 https://hermes.opensuse.org/messages/8581790
Copyright	Copyright (C) 2011 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.