Login
Newsletter
Werbung
Sicherheit: Pufferüberlauf in cyrus21-imapd
Aktuelle Meldungen Distributionen
Name: Pufferüberlauf in cyrus21-imapd
ID: USN-37-1
Distribution: Ubuntu
Plattformen: Ubuntu 4.10
Datum: Fr, 3. Dezember 2004, 12:00
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1067
Applikationen: Cyrus IMAP Server

Originalnachricht

 
===========================================================
Ubuntu Security Notice USN-37-1		  December 02, 2004
cyrus21-imapd vulnerability
CAN-2004-1067
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

cyrus21-imapd

The problem can be corrected by upgrading the affected package to
version 2.1.16-6ubuntu0.2.  In general, a standard system upgrade is
sufficient to effect the necessary changes.

Details follow:

Recently another buffer overflow has been discovered in the SASL
authentication module of the Cyrus IMAP server. An off-by-one
comparison error in the mysasl_canon_user() function could lead to a
missing termination of an user name string.

This vulnerability could allow remote, attacker-supplied machine code
to be executed in the context of the affected server process. Since
the IMAP server usually runs as unprivileged user 'cyrus', there is no
possibility of root privilege escalation.

  Source archives:

    cyrus21-imapd_2.1.16-6ubuntu0.2.diff.gz
      Size/MD5:   235236 7a90d7ad4ac770160a9891e9d1d78fa4
    cyrus21-imapd_2.1.16-6ubuntu0.2.dsc
      Size/MD5:     1040 927bcc3f3f6d5ebd89ed6ca0eb6bf10a
    cyrus21-imapd_2.1.16.orig.tar.gz
      Size/MD5:  1687454 8f4ff803a910d0f4e4cfab3b13a6080d

  Architecture independent packages:

    cyrus21-admin_2.1.16-6ubuntu0.2_all.deb
      Size/MD5:    87954 6a67d53239fb148a652e645a4df8eee9
    cyrus21-doc_2.1.16-6ubuntu0.2_all.deb
      Size/MD5:   206582 5b01c7f365e9fd6244f9ac6fda53d841

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    cyrus21-clients_2.1.16-6ubuntu0.2_amd64.deb
      Size/MD5:   107038 80491bb2019d48d4af743584865d5916
    cyrus21-common_2.1.16-6ubuntu0.2_amd64.deb
      Size/MD5:  2071536 49858ca6b1f98ba862121315e182049c
    cyrus21-dev_2.1.16-6ubuntu0.2_amd64.deb
      Size/MD5:   267956 c23cdf07ed433032e1e52aff0650f3b8
    cyrus21-imapd_2.1.16-6ubuntu0.2_amd64.deb
      Size/MD5:   591188 714d7a5ced1f53009de48c11c3e5b0be
    cyrus21-murder_2.1.16-6ubuntu0.2_amd64.deb
      Size/MD5:   526740 522a06302593cabe6aff587fb6c41665
    cyrus21-pop3d_2.1.16-6ubuntu0.2_amd64.deb
      Size/MD5:    93082 3416c83c2a7bed58f11cae29c4a3a984
    libcyrus-imap-perl21_2.1.16-6ubuntu0.2_amd64.deb
      Size/MD5:   137756 2feafe3b400c06132f98a9c05f6308c7

  i386 architecture (x86 compatible Intel/AMD)

    cyrus21-clients_2.1.16-6ubuntu0.2_i386.deb
      Size/MD5:   104226 280b89486ec13768ba04636484415ae5
    cyrus21-common_2.1.16-6ubuntu0.2_i386.deb
      Size/MD5:  1949446 b4d113e62f7ce2345d66e351bb4a0a26
    cyrus21-dev_2.1.16-6ubuntu0.2_i386.deb
      Size/MD5:   261402 86e186b7567dbb4c1f2983cf8ee39c0d
    cyrus21-imapd_2.1.16-6ubuntu0.2_i386.deb
      Size/MD5:   561750 b79b30937be975264a9b3c04997c2148
    cyrus21-murder_2.1.16-6ubuntu0.2_i386.deb
      Size/MD5:   493320 02d235391908f72dceb60ab585e4c817
    cyrus21-pop3d_2.1.16-6ubuntu0.2_i386.deb
      Size/MD5:    85208 31690f0e200890b893b33121b1000950
    libcyrus-imap-perl21_2.1.16-6ubuntu0.2_i386.deb
      Size/MD5:   133822 b3a297c32a6d11e18a6f90c3ccf92bb7

  powerpc architecture (Apple Macintosh G3/G4/G5)

    cyrus21-clients_2.1.16-6ubuntu0.2_powerpc.deb
      Size/MD5:   106846 0ab7eaa810591f3689ae81ba44f0ab6f
    cyrus21-common_2.1.16-6ubuntu0.2_powerpc.deb
      Size/MD5:  2083576 743b5aa1f54b05e4d22de593640286f0
    cyrus21-dev_2.1.16-6ubuntu0.2_powerpc.deb
      Size/MD5:   265432 c2bfc27fcf9653b0d4bfdae990119e6e
    cyrus21-imapd_2.1.16-6ubuntu0.2_powerpc.deb
      Size/MD5:   593504 c228969eb062341bc5fab1b01731f1f0
    cyrus21-murder_2.1.16-6ubuntu0.2_powerpc.deb
      Size/MD5:   527666 c3bbf1358235ac4edd8e7b884ccbc15f
    cyrus21-pop3d_2.1.16-6ubuntu0.2_powerpc.deb
      Size/MD5:    93268 212df47e59c3b55021ba24527c1430b1
    libcyrus-imap-perl21_2.1.16-6ubuntu0.2_powerpc.deb
      Size/MD5:   135804 f862a4e9a5aaf934193221325b4fdc02





-- 
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
http://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung