Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2011-0600)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.122173

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2011-0600)

Resumen: The remote host is missing an update for the 'dovecot' package(s) announced via the ELSA-2011-0600 advisory.

Descripción: Summary:
The remote host is missing an update for the 'dovecot' package(s) announced via the ELSA-2011-0600 advisory.

Vulnerability Insight:
[2.0.9-2]
- fix issues and assert crashes found in 2.0.9 (lmtp,dotlock,zlib)

[2.0.9-1]
- dovecot updated to 2.0.9
- fixed a high system CPU usage / high context switch count performance problem
- lda: Fixed a crash when trying to send 'out of quota' reply

[2.0.8-1]
- dovecot updated to 2.0.8 (fixes #654226), pigeonhole updated to 0.2.2
- IMAP: Fixed SELECT QRESYNC not to crash on mailbox close if a lot of changes w
ere being sent.
- Fixed leaking fds when writing to dovecot.mailbox.log.
- Fixed rare dovecot.index.cache corruption
- zlib: Fixed several crashes, which mainly showed up with mbox.
- acl: Fixed crashing when sometimes listing shared mailboxes via dict proxy.
- mdbox: Fixed potential assert-crash when saving multiple messages
in one transaction
- dsync: a lot of fixes
- fixed lda + sieve crash

Affected Software/OS:
'dovecot' package(s) on Oracle Linux 6.

Solution:
Please install the updated package(s).

CVSS Score:
5.5

CVSS Vector:
AV:N/AC:L/Au:S/C:P/I:P/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-3707
43220
http://secunia.com/advisories/43220
ADV-2010-2572
http://www.vupen.com/english/advisories/2010/2572
ADV-2010-2840
http://www.vupen.com/english/advisories/2010/2840
ADV-2011-0301
http://www.vupen.com/english/advisories/2011/0301
MDVSA-2010:217
http://www.mandriva.com/security/advisories?name=MDVSA-2010:217
RHSA-2011:0600
http://www.redhat.com/support/errata/RHSA-2011-0600.html
SUSE-SR:2010:020
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html
USN-1059-1
http://www.ubuntu.com/usn/USN-1059-1
[dovecot] 20101002 ACL handling bugs in v1.2.8+ and v2.0
http://www.dovecot.org/list/dovecot/2010-October/053452.html
[dovecot] 20101002 v1.2.15 released
http://www.dovecot.org/list/dovecot/2010-October/053450.html
[dovecot] 20101002 v2.0.5 released
http://www.dovecot.org/list/dovecot/2010-October/053451.html
[oss-security] 20101004 CVE Request: more dovecot ACL issues
http://marc.info/?l=oss-security&m=128620520732377&w=2
[oss-security] 20101004 Re: CVE Request: more dovecot ACL issues
http://marc.info/?l=oss-security&m=128622064325688&w=2
Common Vulnerability Exposure (CVE) ID: CVE-2010-3780

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.122173
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2011-0600)
Resumen:	The remote host is missing an update for the 'dovecot' package(s) announced via the ELSA-2011-0600 advisory.
Descripción:	Summary: The remote host is missing an update for the 'dovecot' package(s) announced via the ELSA-2011-0600 advisory. Vulnerability Insight: [2.0.9-2] - fix issues and assert crashes found in 2.0.9 (lmtp,dotlock,zlib) [2.0.9-1] - dovecot updated to 2.0.9 - fixed a high system CPU usage / high context switch count performance problem - lda: Fixed a crash when trying to send 'out of quota' reply [2.0.8-1] - dovecot updated to 2.0.8 (fixes #654226), pigeonhole updated to 0.2.2 - IMAP: Fixed SELECT QRESYNC not to crash on mailbox close if a lot of changes w ere being sent. - Fixed leaking fds when writing to dovecot.mailbox.log. - Fixed rare dovecot.index.cache corruption - zlib: Fixed several crashes, which mainly showed up with mbox. - acl: Fixed crashing when sometimes listing shared mailboxes via dict proxy. - mdbox: Fixed potential assert-crash when saving multiple messages in one transaction - dsync: a lot of fixes - fixed lda + sieve crash Affected Software/OS: 'dovecot' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 5.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3707 43220 http://secunia.com/advisories/43220 ADV-2010-2572 http://www.vupen.com/english/advisories/2010/2572 ADV-2010-2840 http://www.vupen.com/english/advisories/2010/2840 ADV-2011-0301 http://www.vupen.com/english/advisories/2011/0301 MDVSA-2010:217 http://www.mandriva.com/security/advisories?name=MDVSA-2010:217 RHSA-2011:0600 http://www.redhat.com/support/errata/RHSA-2011-0600.html SUSE-SR:2010:020 http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html USN-1059-1 http://www.ubuntu.com/usn/USN-1059-1 [dovecot] 20101002 ACL handling bugs in v1.2.8+ and v2.0 http://www.dovecot.org/list/dovecot/2010-October/053452.html [dovecot] 20101002 v1.2.15 released http://www.dovecot.org/list/dovecot/2010-October/053450.html [dovecot] 20101002 v2.0.5 released http://www.dovecot.org/list/dovecot/2010-October/053451.html [oss-security] 20101004 CVE Request: more dovecot ACL issues http://marc.info/?l=oss-security&m=128620520732377&w=2 [oss-security] 20101004 Re: CVE Request: more dovecot ACL issues http://marc.info/?l=oss-security&m=128622064325688&w=2 Common Vulnerability Exposure (CVE) ID: CVE-2010-3780
Copyright	Copyright (C) 2015 Greenbone AG