|
Family: Ubuntu Local Security Checks --> Category: infos
USN226-1 : courier vulnerability Vulnerability Scan
Vulnerability Scan Summary courier vulnerability
Detailed Explanation for this Vulnerability Test
Synopsis :
These remote packages are missing security patches :
- courier-authdaemon
- courier-authmysql
- courier-authpostgresql
- courier-base
- courier-doc
- courier-faxmail
- courier-imap
- courier-imap-ssl
- courier-ldap
- courier-maildrop
- courier-mlm
- courier-mta
- courier-mta-ssl
- courier-pcp
- courier-pop
- courier-pop-ssl
- courier-ssl
- courier-webadmin
- sqwebmail
Description :
Patrick Cheong Shu Yang discovered a flaw in the user account handling
of courier-authdaemon. After successful authorization, the Courier
mail server granted access to deactivated accounts.
Solution :
Upgrade to :
- courier-authdaemon-0.47-3ubuntu7.1 (Ubuntu 5.10)
- courier-authmysql-0.47-3ubuntu7.1 (Ubuntu 5.10)
- courier-authpostgresql-0.47-3ubuntu7.1 (Ubuntu 5.10)
- courier-base-0.47-3ubuntu7.1 (Ubuntu 5.10)
- courier-doc-0.47-3ubuntu7.1 (Ubuntu 5.10)
- courier-faxmail-0.47-3ubuntu7.1 (Ubuntu 5.10)
- courier-imap-3.0.8-3ubuntu7.1 (Ubuntu 5.10)
- courier-imap-ssl-3.0.8-3ubuntu7.1 (Ubuntu 5.10)
- courier-ldap-0.47-3ubuntu7.1 (Ubuntu 5.10)
- courier-maildrop-0.47-3ubuntu7.1 (Ubuntu 5.10)
- courier-mlm-
[...]
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|