Mandriva issued this advisory on October 14: http://lists.mandriva.com/security-announce/2011-10/msg00024.php The Cauldron version is also vulnerable, but upgrading it to a newer version (like 2.3.18 or the newest 2.4.x) would be sufficient to address these.
Hi, thanks for reporting this bug. Assigned to the package maintainer. (Please set the status to 'assigned' if you are working on it)
Keywords: (none) => TriagedAssignee: bugsquad => thomas
Also an advisory from Mandriva on May 24: http://lists.mandriva.com/security-announce/2011-05/msg00025.php This one requires a patch or update to 2.4.7 or newer.
Summary: cyrus-imapd missing security update for CVE-2011-3208 and CVE-2011-3372 => cyrus-imapd missing security update for CVE-2011-1926, CVE-2011-3208, and CVE-2011-3372
OK, I'll work on it
Status: NEW => ASSIGNED
it's in updates testing. FYI cyrus-imapd-2.3.15-CVE-2011-1926.diff seems to be applied to our mga1 (we have 2.3.16)
Thanks so we can reassign to the QA.
CC: (none) => thomasAssignee: thomas => qa-bugs
Testing complete on i586 for the srpm cyrus-imapd-2.3.16-4.1.mga1.src.rpm No poc, so just testing that the server works. Test done using opera to access my imap folders on localhost.
CC: (none) => davidwhodgins
Tested x86_64 using cyradm from cyrus-impad-utils Added an admin user in /etc/imapd.conf an restarted cyrus-imapd used cyradm localhost as the admin user and tested with various commands, (cm lq sq lam lm ver), commands found using 'help'. Update validated. Thomas you never supplied an advisory, are fixes included for both comment 0 and comment 2?
Thomas noted that the CVE from Comment 2 is already fixed in the version we have in Comment 4.
Advisory: ======================== Updated cyrus-imapd package fixes security vulnerabilities: Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command (CVE-2011-3208). Secunia Research has discovered a vulnerability in Cyrus IMAPd, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error within the authentication mechanism of the NNTP server, which can be exploited to bypass the authentication process and execute commands intended for authenticated users by sending an AUTHINFO USER command without a following AUTHINFO PASS command (CVE-2011-3372). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3372 http://www.mandriva.com/en/support/security/advisories/?dis=2010.1&name=MDVSA-2011:149 ======================== Updated packages in core/updates_testing: ======================== cyrus-imapd-2.3.16-4.1.mga1.i586.rpm cyrus-imapd-devel-2.3.16-4.1.mga1.i586.rpm cyrus-imapd-murder-2.3.16-4.1.mga1.i586.rpm cyrus-imapd-nntp-2.3.16-4.1.mga1.i586.rpm cyrus-imapd-utils-2.3.16-4.1.mga1.i586.rpm perl-Cyrus-2.3.16-4.1.mga1.i586.rpm from cyrus-imapd-2.3.16-4.1.mga1.src.rpm ======================== Could sysadmin please push from core/updates_testing to core/updates Thank you!
Keywords: Triaged => validated_updateCC: (none) => sysadmin-bugsHardware: i586 => All
I must have missed that, thankyou for interpreting.
update pushed
Status: ASSIGNED => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED