Detections
Analytics
Debian DSA-1893-1 : cyrus-imapd-2.2 kolab-cyrus-imapd - buffer overflow
high Nessus Plugin ID 44758
Language:
Synopsis
The remote Debian host is missing a security-related update.Description
It was discovered that the SIEVE component of cyrus-imapd and kolab-cyrus-imapd, the Cyrus mail system, is vulnerable to a buffer overflow when processing SIEVE scripts. This can be used to elevate privileges to the cyrus system user. An attacker who is able to install SIEVE scripts executed by the server is therefore able to read and modify arbitrary email messages on the system. The update introduced by DSA 1881-1 was incomplete and the issue has been given an additional CVE id due to its complexity.Solution
Upgrade the cyrus-imapd-2.2 and kolab-cyrus-imapd packages.For the oldstable distribution (etch), this problem has been fixed in version 2.2.13-10+etch4 for cyrus-imapd-2.2 and version 2.2.13-2+etch2 for kolab-cyrus-imapd.
For the stable distribution (lenny), this problem has been fixed in version 2.2.13-14+lenny3 for cyrus-imapd-2.2, version 2.2.13-5+lenny2 for kolab-cyrus-imapd.
See Also
Plugin Details
Severity: High
ID: 44758
File Name: debian_DSA-1893.nasl
Version: 1.11
Type: local
Agent: unix
Family: Debian Local Security Checks
Published: 2/24/2010
Updated: 1/4/2021
Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 5.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
Vulnerability Information
CPE: p-cpe:/a:debian:debian_linux:cyrus-imapd-2.2, p-cpe:/a:debian:debian_linux:kolab-cyrus-imapd, cpe:/o:debian:debian_linux:4.0, cpe:/o:debian:debian_linux:5.0
Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l
Exploit Ease: No known exploits are available
Patch Publication Date: 9/23/2009
Reference Information
CVE: CVE-2009-2632, CVE-2009-3235
CWE: 119
DSA: 1893