Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Bugtraq: [USN-87-1] Cyrus IMAP server vulnerability

[USN-87-1] Cyrus IMAP server vulnerability

From: Martin Pitt <martin.pitt_at_canonical.com>
Date: Mon, 28 Feb 2005 13:16:37 +0100

===========================================================
Ubuntu Security Notice USN-87-1 February 28, 2005
cyrus21-imapd vulnerability
CAN-2005-0546
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

cyrus21-imapd

The problem can be corrected by upgrading the affected package to
version 2.1.16-6ubuntu0.3. In general, a standard system upgrade is
sufficient to effect the necessary changes.

Details follow:

Sean Larsson discovered a buffer overflow in the IMAP "annotate"
extension. This possibly allowed an authenticated IMAP client to
execute arbitrary code with the privileges of the Cyrus IMAP server.

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-imapd_2.1.16-6ubuntu0.3.diff.gz
      Size/MD5: 236064 389812cf102f362acbdd8427d42a3fcc
    http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-imapd_2.1.16-6ubuntu0.3.dsc
      Size/MD5: 1040 7b56583400526281be8452c3c9ce24df
    http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-imapd_2.1.16.orig.tar.gz
      Size/MD5: 1687454 8f4ff803a910d0f4e4cfab3b13a6080d

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-admin_2.1.16-6ubuntu0.3_all.deb
      Size/MD5: 87974 ea896023fb72b192e5b84d97e1c9f612
    http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-doc_2.1.16-6ubuntu0.3_all.deb
      Size/MD5: 206610 6c655f7135379dc53f7a12f648717af3

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-clients_2.1.16-6ubuntu0.3_amd64.deb
      Size/MD5: 107060 35173577eee7aa4e58d081ae17423949
    http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-common_2.1.16-6ubuntu0.3_amd64.deb
      Size/MD5: 2071564 a6704031b0a84ab7f7561a2133f91cb4
    http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-dev_2.1.16-6ubuntu0.3_amd64.deb
      Size/MD5: 267960 c406a6936d0442da7ac366601a5bd396
    http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-imapd_2.1.16-6ubuntu0.3_amd64.deb
      Size/MD5: 591192 182d1004c78315bf4487021723151a28
    http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-murder_2.1.16-6ubuntu0.3_amd64.deb
      Size/MD5: 526746 3c68af3b07ec57a0ae52b87064c8df63
    http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-pop3d_2.1.16-6ubuntu0.3_amd64.deb
      Size/MD5: 93078 970dc32aeb86f6cdf9f0d385269122ae
    http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/libcyrus-imap-perl21_2.1.16-6ubuntu0.3_amd64.deb
      Size/MD5: 137768 2642bf39e391884bcde4712eb9191b94

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-clients_2.1.16-6ubuntu0.3_i386.deb
      Size/MD5: 104238 c9a63b935d093726a3f2a816c3982d1f
    http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-common_2.1.16-6ubuntu0.3_i386.deb
      Size/MD5: 1949418 6fcee0507a1bfa3291fbf617da7ac626
    http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-dev_2.1.16-6ubuntu0.3_i386.deb
      Size/MD5: 261406 70d285879999adaf211ccaa36dbb7ab2
    http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-imapd_2.1.16-6ubuntu0.3_i386.deb
      Size/MD5: 561746 aec4f8aebecd6ce20f84456926a2dbe6
    http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-murder_2.1.16-6ubuntu0.3_i386.deb
      Size/MD5: 493322 35ad3b8ad6f3a8d010187758a72aab54
    http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-pop3d_2.1.16-6ubuntu0.3_i386.deb
      Size/MD5: 85204 8bb2c9dc9ab196ccd42a67ee5049ae60
    http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/libcyrus-imap-perl21_2.1.16-6ubuntu0.3_i386.deb
      Size/MD5: 133844 15277d0438a3966ff1f091cc2f89f6f2

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-clients_2.1.16-6ubuntu0.3_powerpc.deb
      Size/MD5: 106852 d464f8d95c19f2b6e2ab799756ce7253
    http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-common_2.1.16-6ubuntu0.3_powerpc.deb
      Size/MD5: 2083580 9605c7608e077530ceb7ad39e3aa6e1b
    http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-dev_2.1.16-6ubuntu0.3_powerpc.deb
      Size/MD5: 265422 0b3be1bfb756b3f6a81ce253c5564ffa
    http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-imapd_2.1.16-6ubuntu0.3_powerpc.deb
      Size/MD5: 593502 82b7ea2f28f9aec84334a13c9fdfd742
    http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-murder_2.1.16-6ubuntu0.3_powerpc.deb
      Size/MD5: 527656 cf5477019633341b42047261b18f01f2
    http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-pop3d_2.1.16-6ubuntu0.3_powerpc.deb
      Size/MD5: 93268 3589f4386b12fc4c6cec1676713a556a
    http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/libcyrus-imap-perl21_2.1.16-6ubuntu0.3_powerpc.deb
      Size/MD5: 135818 5a148e9feaa9c0d45cb16e333e32c8aa

Received on Mar 02 2005
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos