CentOS Update For Imap CESA-2009:0275 Centos3 I386 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

The imap package provides server daemons for both the IMAP (Internet Message Access Protocol) and POP (Post Office Protocol) mail access protocols. A buffer overflow flaw was discovered in the dmail and tmail mail delivery utilities shipped with imap. If either of these utilities were used as a mail delivery agent, a remote attacker could potentially use this flaw to run arbitrary code as the targeted user by sending a specially-crafted mail message to the victim. (CVE-2008-5005) Users of imap should upgrade to these updated packages, which contain a backported patch to resolve this issue.

Affected

imap on CentOS 3

References

http://lists.centos.org/pipermail/centos-announce/2009-February/015645.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-5005

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

CentOS Security Advisory CESA-2009:0479 (perl-DBD-Pg)
CentOS Security Advisory CESA-2009:1321 (nfs-utils)
CentOS Security Advisory CESA-2009:1060 (pidgin)
CentOS Security Advisory CESA-2009:0337 (php)
CentOS Security Advisory CESA-2009:1289 (mysql)

CentOS Update for imap CESA-2009:0275 centos3 i386

Take action and discover your vulnerabilities