English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 146377 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.880714
Kategorie:CentOS Local Security Checks
Titel:CentOS Update for imap CESA-2009:0275 centos3 i386
Zusammenfassung:The remote host is missing an update for the 'imap'; package(s) announced via the referenced advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'imap'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The imap package provides server daemons for both the IMAP (Internet
Message Access Protocol) and POP (Post Office Protocol) mail access protocols.

A buffer overflow flaw was discovered in the dmail and tmail mail delivery
utilities shipped with imap. If either of these utilities were used as a
mail delivery agent, a remote attacker could potentially use this flaw to
run arbitrary code as the targeted user by sending a specially-crafted mail
message to the victim. (CVE-2008-5005)

Users of imap should upgrade to these updated packages, which contain a
backported patch to resolve this issue.

Affected Software/OS:
imap on CentOS 3

Solution:
Please install the updated packages.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2008-5005
BugTraq ID: 32072
http://www.securityfocus.com/bid/32072
Bugtraq: 20081103 Bitsec Security Advisory: UW/Panda IMAP [dt]mail buffer overflow (Google Search)
http://www.securityfocus.com/archive/1/498002/100/0/threaded
Debian Security Information: DSA-1685 (Google Search)
http://www.debian.org/security/2008/dsa-1685
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00058.html
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00082.html
http://marc.info/?l=full-disclosure&m=122572590212610&w=4
http://www.mandriva.com/security/advisories?name=MDVSA-2009:146
http://www.bitsec.com/en/rad/bsa-081103.c
http://www.bitsec.com/en/rad/bsa-081103.txt
http://www.washington.edu/alpine/tmailbug.html
http://mailman2.u.washington.edu/pipermail/imap-uw/2008-October/002267.html
http://mailman2.u.washington.edu/pipermail/imap-uw/2008-October/002268.html
http://www.openwall.com/lists/oss-security/2008/11/03/3
http://www.openwall.com/lists/oss-security/2008/11/03/4
http://www.openwall.com/lists/oss-security/2008/11/03/5
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10485
RedHat Security Advisories: RHSA-2009:0275
http://rhn.redhat.com/errata/RHSA-2009-0275.html
http://securitytracker.com/id?1021131
http://secunia.com/advisories/32483
http://secunia.com/advisories/32512
http://secunia.com/advisories/33142
http://secunia.com/advisories/33996
http://securityreason.com/securityalert/4570
http://www.vupen.com/english/advisories/2008/3042
XForce ISS Database: uwimapd-tmail-bo(46281)
https://exchange.xforce.ibmcloud.com/vulnerabilities/46281
CopyrightCopyright (C) 2011 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.