Mandriva Linux Security Advisory : imapsync (MDVSA-2014:060)

This script is Copyright (C) 2014 Tenable Network Security, Inc.

Synopsis :

The remote Mandriva Linux host is missing a security update.

Description :

Updated imapsync package fixes security vulnerabilities :

Imapsync, by default, runs a release check when executed, which causes
imapsync to connect to and send
information about the version of imapsync, the operating system and
perl (CVE-2013-4279).

The imapsync package has been patched to disable this feature.

In imapsync before 1.584, a certificate verification failure when
using the --tls option results in imapsync attempting a cleartext
login (CVE-2014-2014).

See also :

Solution :

Update the affected imapsync package.

Risk factor :

Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : true

Family: Mandriva Local Security Checks

Nessus Plugin ID: 73052 ()

Bugtraq ID: 65002

CVE ID: CVE-2013-4279

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now