Family: Fedora Local Security Checks --> Category: infos
Fedora Core 2 2004-489: cyrus-imapd Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the cyrus-imapd package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory FEDORA-2004-489 (cyrus-imapd).
The cyrus-imapd package contains the core of the Cyrus IMAP server.
It is a scaleable enterprise mail system designed for use from
small to large enterprise environments using standards-based
internet mail technologies.
A full Cyrus IMAP implementation allows a seamless mail and bulletin
board environment to be set up across multiple servers. It differs
other IMAP server implementations in that it is run on 'sealed'
servers, where users are not normally permitted to log in. The mailbox
database is stored in parts of the filesystem that are private to the
Cyrus IMAP server. All user access to mail is through software using
the IMAP, POP3, or KPOP protocols. TLSv1 and SSL are supported for
Fix several buffer overflow problems that could be used as an exploit.
Fixes the following security advisories:
CVE-2004-1011 CVE-2004-1012 CVE-2004-1013 CVE-2004-1015
Solution : http://www.fedoranews.org/blog/index.php?p=148
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.