Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2011-0859)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.122148

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2011-0859)

Resumen: The remote host is missing an update for the 'cyrus-imapd' package(s) announced via the ELSA-2011-0859 advisory.

Descripción: Summary:
The remote host is missing an update for the 'cyrus-imapd' package(s) announced via the ELSA-2011-0859 advisory.

Vulnerability Insight:
[2.3.16-6.2]
- do not use strict aliasing

[2.3.16-6.1]
- fix CVE-2011-1926: STARTTLS plaintext command injection vulnerability

Affected Software/OS:
'cyrus-imapd' package(s) on Oracle Linux 4, Oracle Linux 5, Oracle Linux 6.

Solution:
Please install the updated package(s).

CVSS Score:
5.1

CVSS Vector:
AV:N/AC:H/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-1926
1025625
http://www.securitytracker.com/id?1025625
44670
http://secunia.com/advisories/44670
44876
http://secunia.com/advisories/44876
44913
http://secunia.com/advisories/44913
44928
http://secunia.com/advisories/44928
DSA-2242
http://www.debian.org/security/2011/dsa-2242
DSA-2258
http://www.debian.org/security/2011/dsa-2258
FEDORA-2011-7193
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061415.html
FEDORA-2011-7217
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061374.html
MDVSA-2011:100
http://www.mandriva.com/security/advisories?name=MDVSA-2011:100
RHSA-2011:0859
http://www.redhat.com/support/errata/RHSA-2011-0859.html
VU#555316
http://www.kb.cert.org/vuls/id/555316
[oss-security] 20110517 CVE Request -- Cyrus-IMAP STARTTLS issue -- [was: Re: pure-ftpd STARTTLS command injection / new CVE?]
http://openwall.com/lists/oss-security/2011/05/17/2
[oss-security] 20110517 Re: CVE Request -- Cyrus-IMAP STARTTLS issue -- [was: Re: pure-ftpd STARTTLS command injection / new CVE?]
http://openwall.com/lists/oss-security/2011/05/17/15
cyrus-starttls-command-exec(67867)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67867
http://bugzilla.cyrusimap.org/show_bug.cgi?id=3423
http://bugzilla.cyrusimap.org/show_bug.cgi?id=3424
http://git.cyrusimap.org/cyrus-imapd/patch/?id=523a91a5e86c8b9a27a138f04a3e3f2d8786f162
http://www.cyrusimap.org/docs/cyrus-imapd/2.4.7/changes.php
https://bugzilla.redhat.com/show_bug.cgi?id=705288

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.122148
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2011-0859)
Resumen:	The remote host is missing an update for the 'cyrus-imapd' package(s) announced via the ELSA-2011-0859 advisory.
Descripción:	Summary: The remote host is missing an update for the 'cyrus-imapd' package(s) announced via the ELSA-2011-0859 advisory. Vulnerability Insight: [2.3.16-6.2] - do not use strict aliasing [2.3.16-6.1] - fix CVE-2011-1926: STARTTLS plaintext command injection vulnerability Affected Software/OS: 'cyrus-imapd' package(s) on Oracle Linux 4, Oracle Linux 5, Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 5.1 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1926 1025625 http://www.securitytracker.com/id?1025625 44670 http://secunia.com/advisories/44670 44876 http://secunia.com/advisories/44876 44913 http://secunia.com/advisories/44913 44928 http://secunia.com/advisories/44928 DSA-2242 http://www.debian.org/security/2011/dsa-2242 DSA-2258 http://www.debian.org/security/2011/dsa-2258 FEDORA-2011-7193 http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061415.html FEDORA-2011-7217 http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061374.html MDVSA-2011:100 http://www.mandriva.com/security/advisories?name=MDVSA-2011:100 RHSA-2011:0859 http://www.redhat.com/support/errata/RHSA-2011-0859.html VU#555316 http://www.kb.cert.org/vuls/id/555316 [oss-security] 20110517 CVE Request -- Cyrus-IMAP STARTTLS issue -- [was: Re: pure-ftpd STARTTLS command injection / new CVE?] http://openwall.com/lists/oss-security/2011/05/17/2 [oss-security] 20110517 Re: CVE Request -- Cyrus-IMAP STARTTLS issue -- [was: Re: pure-ftpd STARTTLS command injection / new CVE?] http://openwall.com/lists/oss-security/2011/05/17/15 cyrus-starttls-command-exec(67867) https://exchange.xforce.ibmcloud.com/vulnerabilities/67867 http://bugzilla.cyrusimap.org/show_bug.cgi?id=3423 http://bugzilla.cyrusimap.org/show_bug.cgi?id=3424 http://git.cyrusimap.org/cyrus-imapd/patch/?id=523a91a5e86c8b9a27a138f04a3e3f2d8786f162 http://www.cyrusimap.org/docs/cyrus-imapd/2.4.7/changes.php https://bugzilla.redhat.com/show_bug.cgi?id=705288
Copyright	Copyright (C) 2015 Greenbone AG