Mandrake Linux Security Advisory : cyrus-imapd (MDKSA-2005:051)

High Nessus Plugin ID 17280


The remote Mandrake Linux host is missing one or more security updates.


Several overruns have been fixed in the IMAP annote extension as well as in cached header handling which can be run by an authenticated user. As well, additional bounds checking in fetchnews was improved to avoid exploitation by a peer news admin.


Update the affected packages.

See Also

Plugin Details

Severity: High

ID: 17280

File Name: mandrake_MDKSA-2005-051.nasl

Version: $Revision: 1.14 $

Type: local

Published: 2005/03/06

Modified: 2013/05/31

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:cyrus-imapd, p-cpe:/a:mandriva:linux:cyrus-imapd-devel, p-cpe:/a:mandriva:linux:cyrus-imapd-murder, p-cpe:/a:mandriva:linux:cyrus-imapd-nntp, p-cpe:/a:mandriva:linux:cyrus-imapd-utils, p-cpe:/a:mandriva:linux:perl-Cyrus, cpe:/o:mandrakesoft:mandrake_linux:10.0, cpe:/o:mandrakesoft:mandrake_linux:10.1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 2005/03/04

Reference Information

CVE: CVE-2005-0546

MDKSA: 2005:051