English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
146377 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.122586
Categoría:Oracle Linux Local Security Checks
Título:Oracle: Security Advisory (ELSA-2008-0297)
Resumen:The remote host is missing an update for the 'dovecot' package(s) announced via the ELSA-2008-0297 advisory.
Descripción:Summary:
The remote host is missing an update for the 'dovecot' package(s) announced via the ELSA-2008-0297 advisory.

Vulnerability Insight:
[1.0.7-2]
- LDAP+auth cache user login mixup (CVE-2007-6598, #427575)
- insecure mail_extra_groups option (CVE-2008-1199, #436927)

[1.0.7-1]
- update to latest upstream, fixes a few bugs (#331441, #245249), plus two
security vulnerabilities (CVE-2007-2231, CVE-2007-4211)
- increased default login_process_size to 64 (#253363)

Affected Software/OS:
'dovecot' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-2231
BugTraq ID: 23552
http://www.securityfocus.com/bid/23552
Bugtraq: 20070418 rPSA-2007-0074-1 dovecot (Google Search)
http://www.securityfocus.com/archive/1/466168/100/0/threaded
Debian Security Information: DSA-1359 (Google Search)
http://www.debian.org/security/2007/dsa-1359
http://dovecot.org/list/dovecot-cvs/2007-March/008488.html
http://dovecot.org/list/dovecot-news/2007-March/000038.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10995
http://www.redhat.com/support/errata/RHSA-2008-0297.html
http://secunia.com/advisories/25072
http://secunia.com/advisories/30342
SuSE Security Announcement: SUSE-SR:2007:008 (Google Search)
http://www.novell.com/linux/security/advisories/2007_8_sr.html
http://www.ubuntu.com/usn/usn-487-1
http://www.vupen.com/english/advisories/2007/1452
XForce ISS Database: dovecot-mboxstorage-directory-traversal(34082)
https://exchange.xforce.ibmcloud.com/vulnerabilities/34082
Common Vulnerability Exposure (CVE) ID: CVE-2007-4211
BugTraq ID: 25182
http://www.securityfocus.com/bid/25182
http://www.dovecot.org/list/dovecot-news/2007-August/000048.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11558
http://secunia.com/advisories/26320
http://secunia.com/advisories/26475
XForce ISS Database: dovecot-aclplugin-security-bypass(35767)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35767
Common Vulnerability Exposure (CVE) ID: CVE-2007-6598
BugTraq ID: 27093
http://www.securityfocus.com/bid/27093
Bugtraq: 20080103 Re: rPSA-2008-0001-1 dovecot (Google Search)
http://www.securityfocus.com/archive/1/485787/100/0/threaded
Bugtraq: 20080103 rPSA-2008-0001-1 dovecot (Google Search)
http://www.securityfocus.com/archive/1/485779/100/0/threaded
Debian Security Information: DSA-1457 (Google Search)
http://www.debian.org/security/2008/dsa-1457
http://dovecot.org/list/dovecot-news/2007-December/000057.html
http://dovecot.org/list/dovecot-news/2007-December/000058.html
http://osvdb.org/39876
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10458
http://secunia.com/advisories/28227
http://secunia.com/advisories/28271
http://secunia.com/advisories/28404
http://secunia.com/advisories/28434
http://secunia.com/advisories/32151
SuSE Security Announcement: SUSE-SR:2008:020 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00004.html
http://www.ubuntu.com/usn/usn-567-1
http://www.vupen.com/english/advisories/2008/0017
Common Vulnerability Exposure (CVE) ID: CVE-2008-1199
BugTraq ID: 28092
http://www.securityfocus.com/bid/28092
Bugtraq: 20080304 Dovecot mail_extra_groups setting is often used insecurely (Google Search)
http://www.securityfocus.com/archive/1/489133/100/0/threaded
Debian Security Information: DSA-1516 (Google Search)
http://www.debian.org/security/2008/dsa-1516
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00358.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00381.html
http://security.gentoo.org/glsa/glsa-200803-25.xml
http://www.dovecot.org/list/dovecot-news/2008-March/000061.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10739
http://secunia.com/advisories/29226
http://secunia.com/advisories/29385
http://secunia.com/advisories/29396
http://secunia.com/advisories/29557
https://usn.ubuntu.com/593-1/
XForce ISS Database: dovecot-mailextragroups-unauth-access(41009)
https://exchange.xforce.ibmcloud.com/vulnerabilities/41009
CopyrightCopyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.