Mandrake Linux Security Advisory : cyrus-imapd (MDKSA-2004:139)
Critical Nessus Plugin ID 15836
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionA number of vulnerabilities in the Cyrus-IMAP server were found by Stefan Esser. Due to insufficient checking within the argument parser of the 'partial' and 'fetch' commands, a buffer overflow could be exploited to execute arbitrary attacker-supplied code. Another exploitable buffer overflow could be triggered in situations when memory allocation files.
The provided packages have been patched to prevent these problems.
SolutionUpdate the affected packages.