Detections
Analytics
Oracle Linux 4 / 5 / 6 : cyrus-imapd (ELSA-2011-0859)
medium Nessus Plugin ID 68289
Language:
Synopsis
The remote Oracle Linux host is missing one or more security updates.Description
From Red Hat Security Advisory 2011:0859 :Updated cyrus-imapd packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6.
The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and Sieve support.
It was discovered that cyrus-imapd did not flush the received commands buffer after switching to TLS encryption for IMAP, LMTP, NNTP, and POP3 sessions. A man-in-the-middle attacker could use this flaw to inject protocol commands into a victim's TLS session initialization messages. This could lead to those commands being processed by cyrus-imapd, potentially allowing the attacker to steal the victim's mail or authentication credentials. (CVE-2011-1926)
Users of cyrus-imapd are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, cyrus-imapd will be restarted automatically.
Solution
Update the affected cyrus-imapd packages.See Also
https://oss.oracle.com/pipermail/el-errata/2011-June/002179.html
https://oss.oracle.com/pipermail/el-errata/2011-June/002183.html
https://oss.oracle.com/pipermail/el-errata/2011-June/002184.html
Plugin Details
Severity: Medium
ID: 68289
File Name: oraclelinux_ELSA-2011-0859.nasl
Version: 1.13
Type: local
Agent: unix
Published: 7/12/2013
Updated: 1/14/2021
Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.3
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P
Vulnerability Information
CPE: p-cpe:/a:oracle:linux:cyrus-imapd-devel, p-cpe:/a:oracle:linux:cyrus-imapd-murder, cpe:/o:oracle:linux:5, p-cpe:/a:oracle:linux:cyrus-imapd, cpe:/o:oracle:linux:4, p-cpe:/a:oracle:linux:cyrus-imapd-nntp, p-cpe:/a:oracle:linux:cyrus-imapd-perl, p-cpe:/a:oracle:linux:perl-cyrus, p-cpe:/a:oracle:linux:cyrus-imapd-utils, cpe:/o:oracle:linux:6
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/OracleLinux
Exploit Ease: No known exploits are available
Patch Publication Date: 6/9/2011
Vulnerability Publication Date: 3/16/2011
Reference Information
CVE: CVE-2011-0411, CVE-2011-1926
BID: 46767
RHSA: 2011:0859