Mandrake Linux Security Advisory : kolab-resource-handlers (MDKSA-2006:013)

medium Nessus Plugin ID 20479

Synopsis

The remote Mandrake Linux host is missing a security update.

Description

A problem exists in how the Kolab Server transports emails bigger than 8KB in size and if a dot ('.') character exists in the wrong place. If these conditions are met, kolabfilter will double this dot and a modified email will be delivered, which could lead to broken clear-text signatures or broken attachments.

The updated packages have been patched to correct these problems.

Solution

Update the affected kolab-resource-handlers package.

See Also

http://www-old.kolab.org/security/kolab-vendor-notice-07.txt

Plugin Details

Severity: Medium

ID: 20479

File Name: mandrake_MDKSA-2006-013.nasl

Version: 1.17

Type: local

Published: 1/15/2006

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.8

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:kolab-resource-handlers, cpe:/o:mandriva:linux:2006

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 1/12/2006

Reference Information

CVE: CVE-2005-4828

MDKSA: 2006:013