SUSE-SA:2004:043: cyrus-imapd

critical Nessus Plugin ID 15923

Synopsis

The remote host is missing a vendor-supplied security patch

Description

The remote host is missing the patch for the advisory SUSE-SA:2004:043 (cyrus-imapd).


Stefan Esser reported various bugs within the Cyrus IMAP Server.
These include buffer overflows and out-of-bounds memory access which could allow remote attackers to execute arbitrary commands as root. The bugs occur in the pre-authentication phase, therefore an update is strongly recommended.

Solution

http://www.suse.de/security/2004_43_cyrus_imapd.html

Plugin Details

Severity: Critical

ID: 15923

File Name: suse_SA_2004_043.nasl

Version: 1.11

Agent: unix

Published: 12/7/2004

Updated: 1/14/2021

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: Host/SuSE/rpm-list

Reference Information

CVE: CVE-2004-1011, CVE-2004-1012, CVE-2004-1013