Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2005:408
HistoryMay 17, 2005 - 11:27 p.m.

cyrus, perl security update

2005-05-1723:27:18
CentOS Project
lists.centos.org
40

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

86.1%

JSON

CentOS Errata and Security Advisory CESA-2005:408

The cyrus-imapd package contains the core of the Cyrus IMAP server.

Several buffer overflow bugs were found in cyrus-imapd. It is possible that
an authenticated malicious user could cause the imap server to crash.
Additionally, a peer news admin could potentially execute arbitrary code on
the imap server when news is received using the fetchnews command. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2005-0546 to this issue.

Users of cyrus-imapd are advised to upgrade to these updated packages, which
contain cyrus-imapd version 2.2.12 to correct these issues.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2005-May/073831.html
https://lists.centos.org/pipermail/centos-announce/2005-May/073833.html

Affected packages:
cyrus-imapd
cyrus-imapd-devel
cyrus-imapd-murder
cyrus-imapd-nntp
cyrus-imapd-utils
perl-Cyrus

Upstream details at:
https://access.redhat.com/errata/RHSA-2005:408

OSVersionArchitecturePackageVersionFilename
CentOS4ia64cyrus-imapd< 2.2.12-3.RHEL4.1cyrus-imapd-2.2.12-3.RHEL4.1.ia64.rpm
CentOS4ia64cyrus-imapd-devel< 2.2.12-3.RHEL4.1cyrus-imapd-devel-2.2.12-3.RHEL4.1.ia64.rpm
CentOS4ia64cyrus-imapd-murder< 2.2.12-3.RHEL4.1cyrus-imapd-murder-2.2.12-3.RHEL4.1.ia64.rpm
CentOS4ia64cyrus-imapd-nntp< 2.2.12-3.RHEL4.1cyrus-imapd-nntp-2.2.12-3.RHEL4.1.ia64.rpm
CentOS4ia64cyrus-imapd-utils< 2.2.12-3.RHEL4.1cyrus-imapd-utils-2.2.12-3.RHEL4.1.ia64.rpm
CentOS4ia64perl-cyrus< 2.2.12-3.RHEL4.1perl-Cyrus-2.2.12-3.RHEL4.1.ia64.rpm
CentOS4i386cyrus-imapd< 2.2.12-3.RHEL4.1cyrus-imapd-2.2.12-3.RHEL4.1.i386.rpm
CentOS4i386cyrus-imapd-devel< 2.2.12-3.RHEL4.1cyrus-imapd-devel-2.2.12-3.RHEL4.1.i386.rpm
CentOS4i386cyrus-imapd-murder< 2.2.12-3.RHEL4.1cyrus-imapd-murder-2.2.12-3.RHEL4.1.i386.rpm
CentOS4i386cyrus-imapd-nntp< 2.2.12-3.RHEL4.1cyrus-imapd-nntp-2.2.12-3.RHEL4.1.i386.rpm
Rows per page:
1-10 of 181

Related

cve 1
freebsd 1
openvas 5
nessus 8
redhat 1
cvelist 1
ubuntu 1
nvd 1
gentoo 1
ubuntucve 1
cve
cve
CVE-2005-0546
2005-05-02 04:00:00
freebsd
freebsd
cyrus-imapd -- multiple buffer overflow vulnerabilities
2005-02-14 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200502-29 (cyrus-imapd)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200502-29 (cyrus-imapd)
2008-09-24 00:00:00
FreeBSD Ports: cyrus-imapd
2008-09-04 00:00:00
nessus
nessus
CentOS 4 : cyrus-imapd (CESA-2005:408)
2006-07-05 00:00:00
Mandrake Linux Security Advisory : cyrus-imapd (MDKSA-2005:051)
2005-03-06 00:00:00
Fedora Core 3 : cyrus-imapd-2.2.12-1.1.fc3 (2005-339)
2012-09-24 00:00:00
redhat
redhat
(RHSA-2005:408) cyrus-imapd security update
2005-05-17 00:00:00
cvelist
cvelist
CVE-2005-0546
2005-02-25 05:00:00
ubuntu
ubuntu
Cyrus IMAP server vulnerability
2005-02-28 00:00:00
nvd
nvd
CVE-2005-0546
2005-05-02 04:00:00
gentoo
gentoo
Cyrus IMAP Server: Multiple overflow vulnerabilities
2005-02-23 00:00:00
ubuntucve
ubuntucve
CVE-2005-0546
2005-05-02 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

86.1%

JSON
Related for CESA-2005:408
cve1freebsd1openvas5nessus8redhat1cvelist1ubuntu1nvd1gentoo1ubuntucve1