ELSA-2011-1508

Опубликовано: 01 дек. 2011

Источник: oracle-oval

Платформа: Oracle Linux 6

Платформа: Oracle Linux 5

Описание

ELSA-2011-1508: cyrus-imapd security update (MODERATE)

[2.3.16-6.4]

fix CVE-2011-3481: NULL pointer dereference via crafted References header in email (#738391)
fix CVE-2011-3372: nntpd authentication bypass (#740822)

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

cyrus-imapd

2.3.16-6.el6_1.4

cyrus-imapd-devel

2.3.16-6.el6_1.4

cyrus-imapd-utils

2.3.16-6.el6_1.4

Oracle Linux i686

cyrus-imapd

2.3.16-6.el6_1.4

cyrus-imapd-devel

2.3.16-6.el6_1.4

cyrus-imapd-utils

2.3.16-6.el6_1.4

Oracle Linux 5

Oracle Linux ia64

cyrus-imapd

2.3.7-12.0.1.el5_7.2

cyrus-imapd-devel

2.3.7-12.0.1.el5_7.2

cyrus-imapd-perl

2.3.7-12.0.1.el5_7.2

cyrus-imapd-utils

2.3.7-12.0.1.el5_7.2

Oracle Linux x86_64

cyrus-imapd

2.3.7-12.0.1.el5_7.2

cyrus-imapd-devel

2.3.7-12.0.1.el5_7.2

cyrus-imapd-perl

2.3.7-12.0.1.el5_7.2

cyrus-imapd-utils

2.3.7-12.0.1.el5_7.2

Oracle Linux i386

cyrus-imapd

2.3.7-12.0.1.el5_7.2

cyrus-imapd-devel

2.3.7-12.0.1.el5_7.2

cyrus-imapd-perl

2.3.7-12.0.1.el5_7.2

cyrus-imapd-utils

2.3.7-12.0.1.el5_7.2

Связанные CVE

CVE-2011-3481

CVE-2011-3372

Ссылки на источники

Связанные уязвимости

CVE-2011-3481

ubuntu

почти 14 лет назад

The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message.

CVE-2011-3481

redhat

больше 19 лет назад

CVE-2011-3481

nvd

почти 14 лет назад

CVE-2011-3481

debian

почти 14 лет назад

The index_get_ids function in index.c in imapd in Cyrus IMAP Server be ...

CVE-2011-3372

ubuntu

больше 13 лет назад

imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command.