Mandriva Linux Security Advisory : cyrus-imapd (MDVSA-2012:037)
Medium Nessus Plugin ID 58476
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA vulnerability has been found and corrected in cyrus-imapd :
The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message (CVE-2011-3481).
The updated packages have been patched to correct this issue.
SolutionUpdate the affected packages.