Package name
cyrus-imapd
Date
2004-11-25
Advisory ID
MDKSA-2004:139
Affected versions
10.0 amd64 , 10.1 i586 , 10.0 i586 , 10.1 x86_64

Problem description

A number of vulnerabilities in the Cyrus-IMAP server were found by Stefan Esser. Due to insufficient checking within the argument parser of the 'partial' and 'fetch' commands, a buffer overflow could be exploited to execute arbitrary attacker-supplied code. Another exploitable buffer overflow could be triggered in situations when memory allocation files. The provided packages have been patched to prevent these problems.

Updated packages

10.0 amd64

 8c0a0ae9b8af0e852ff537790bb78b79  amd64/10.0/RPMS/cyrus-imapd-2.1.16-5.3.100mdk.amd64.rpm
54e359a8a63cf94d35cdda65455d8c2a  amd64/10.0/RPMS/cyrus-imapd-devel-2.1.16-5.3.100mdk.amd64.rpm
560d64e9c9db0f0aa7d20223b525a30e  amd64/10.0/RPMS/cyrus-imapd-murder-2.1.16-5.3.100mdk.amd64.rpm
f283e5fa417f62422cceed597972158f  amd64/10.0/RPMS/cyrus-imapd-utils-2.1.16-5.3.100mdk.amd64.rpm
547ae80ca8ef2a37f6afd877bc89b324  amd64/10.0/RPMS/perl-Cyrus-2.1.16-5.3.100mdk.amd64.rpm
89a64ea4af5fb2b3867e15abe1f38813  amd64/10.0/SRPMS/cyrus-imapd-2.1.16-5.3.100mdk.src.rpm

10.1 i586

 d8789ade849ca9fa4ca29320c538ec7d  10.1/RPMS/cyrus-imapd-2.2.8-4.1.101mdk.i586.rpm
2d10d7a5405712dc6fa60e0c751e6935  10.1/RPMS/cyrus-imapd-devel-2.2.8-4.1.101mdk.i586.rpm
a9bb0d482e65acfc4c0b55aa8449e61c  10.1/RPMS/cyrus-imapd-murder-2.2.8-4.1.101mdk.i586.rpm
5bd8c7ea1891db4d8eb9dd691480a0df  10.1/RPMS/cyrus-imapd-nntp-2.2.8-4.1.101mdk.i586.rpm
6a62e104fd24f40b85b673529aa82b38  10.1/RPMS/cyrus-imapd-utils-2.2.8-4.1.101mdk.i586.rpm
865c36af331c9bd111fd20d0d777a674  10.1/RPMS/perl-Cyrus-2.2.8-4.1.101mdk.i586.rpm
031465e275846f22279d4817f3b2a12d  10.1/SRPMS/cyrus-imapd-2.2.8-4.1.101mdk.src.rpm

10.0 i586

 d24a96383803817c7bc4873eddd788c5  10.0/RPMS/cyrus-imapd-2.1.16-5.3.100mdk.i586.rpm
4e2abc98c3467167e7d1e80c8673e627  10.0/RPMS/cyrus-imapd-devel-2.1.16-5.3.100mdk.i586.rpm
c86e00c698a0c1c6a86b72822822a21d  10.0/RPMS/cyrus-imapd-murder-2.1.16-5.3.100mdk.i586.rpm
7ad76d69b422fe93b819290dbb19d9c3  10.0/RPMS/cyrus-imapd-utils-2.1.16-5.3.100mdk.i586.rpm
96fd3591c761678893f43e86579a126d  10.0/RPMS/perl-Cyrus-2.1.16-5.3.100mdk.i586.rpm
89a64ea4af5fb2b3867e15abe1f38813  10.0/SRPMS/cyrus-imapd-2.1.16-5.3.100mdk.src.rpm

10.1 x86_64

 14302a4c19f67e797cf02278c2ac42c6  x86_64/10.1/RPMS/cyrus-imapd-2.2.8-4.1.101mdk.x86_64.rpm
b4e6c99bfdeac90e16475eec2e651b0e  x86_64/10.1/RPMS/cyrus-imapd-devel-2.2.8-4.1.101mdk.x86_64.rpm
38a0a974e95c96787bc857bb358afa84  x86_64/10.1/RPMS/cyrus-imapd-murder-2.2.8-4.1.101mdk.x86_64.rpm
bf5d0e23fa0a4ebbd1a46277621a4bb8  x86_64/10.1/RPMS/cyrus-imapd-nntp-2.2.8-4.1.101mdk.x86_64.rpm
b9f2f06d42079cb81221688d46c34446  x86_64/10.1/RPMS/cyrus-imapd-utils-2.2.8-4.1.101mdk.x86_64.rpm
f71573be7c4c32bf330ea105dff7df8b  x86_64/10.1/RPMS/perl-Cyrus-2.2.8-4.1.101mdk.x86_64.rpm
031465e275846f22279d4817f3b2a12d  x86_64/10.1/SRPMS/cyrus-imapd-2.2.8-4.1.101mdk.src.rpm

References