Cyrus IMAP Server Long Filename Overflow

2005-02-24T05:49:25
ID OSVDB:14093
Type osvdb
Reporter OSVDB
Modified 2005-02-24T05:49:25

Description

Solution Description

Upgrade to version 2.2.11 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://asg.web.cmu.edu/cyrus/ Vendor Specific News/Changelog Entry: http://asg.web.cmu.edu/cyrus/download/imapd/changes.html Vendor Specific Advisory URL Vendor Specific Advisory URL Security Tracker: 1013278 Secunia Advisory ID:14383 Secunia Advisory ID:14388 Secunia Advisory ID:14393 Secunia Advisory ID:15408 Related OSVDB ID: 14090 Related OSVDB ID: 14091 Related OSVDB ID: 14089 Related OSVDB ID: 14092 Other Advisory URL: http://rhn.redhat.com/errata/RHSA-2005-408.html Other Advisory URL: http://www.novell.com/linux/security/advisories/2005_09_cyrus_imapd.html Other Advisory URL: http://security.gentoo.org/glsa/glsa-200502-29.xml Other Advisory URL: http://asg.web.cmu.edu/archive/message.php?mailbox=archive.info-cyrus&msg=33723 CVE-2005-0546