ID de Prueba:	1.3.6.1.4.1.25623.1.0.63419
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2009:0275
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2009:0275. The imap package provides server daemons for both the IMAP (Internet Message Access Protocol) and POP (Post Office Protocol) mail access protocols. A buffer overflow flaw was discovered in the dmail and tmail mail delivery utilities shipped with imap. If either of these utilities were used as a mail delivery agent, a remote attacker could potentially use this flaw to run arbitrary code as the targeted user by sending a specially-crafted mail message to the victim. (CVE-2008-5005) Users of imap should upgrade to these updated packages, which contain a backported patch to resolve this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2009-0275.html http://www.redhat.com/security/updates/classification/#moderate CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-5005 BugTraq ID: 32072 http://www.securityfocus.com/bid/32072 Bugtraq: 20081103 Bitsec Security Advisory: UW/Panda IMAP [dt]mail buffer overflow (Google Search) http://www.securityfocus.com/archive/1/498002/100/0/threaded Debian Security Information: DSA-1685 (Google Search) http://www.debian.org/security/2008/dsa-1685 https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00058.html https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00082.html http://marc.info/?l=full-disclosure&m=122572590212610&w=4 http://www.mandriva.com/security/advisories?name=MDVSA-2009:146 http://www.bitsec.com/en/rad/bsa-081103.c http://www.bitsec.com/en/rad/bsa-081103.txt http://www.washington.edu/alpine/tmailbug.html http://mailman2.u.washington.edu/pipermail/imap-uw/2008-October/002267.html http://mailman2.u.washington.edu/pipermail/imap-uw/2008-October/002268.html http://www.openwall.com/lists/oss-security/2008/11/03/3 http://www.openwall.com/lists/oss-security/2008/11/03/4 http://www.openwall.com/lists/oss-security/2008/11/03/5 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10485 RedHat Security Advisories: RHSA-2009:0275 http://rhn.redhat.com/errata/RHSA-2009-0275.html http://securitytracker.com/id?1021131 http://secunia.com/advisories/32483 http://secunia.com/advisories/32512 http://secunia.com/advisories/33142 http://secunia.com/advisories/33996 http://securityreason.com/securityalert/4570 http://www.vupen.com/english/advisories/2008/3042 XForce ISS Database: uwimapd-tmail-bo(46281) https://exchange.xforce.ibmcloud.com/vulnerabilities/46281
Copyright	Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.