[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] Perhaps old news? IMAP - University of WA 12.264 overflow

Subject: [cobalt-security] Perhaps old news? IMAP - University of WA 12.264 overflow
From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
Date: Thu, 27 Dec 2001 18:36:22 +0100
Organization: Stauber Multimedia Design
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi all,

this is probably an old issue and has been talked about well before my time 
on this list. If that's the case, then I apologize for bringing it up again.

I just tried the Retina Network Security Scanner (v4.7.1) on a Raq3 and got 
the following security warning:

Mail Servers: IMAP - University of WA 12.264 overflow
=====================================

Description: Vulnerabilities have been found in COPY,LSUB,RENAME and FIND 
commands that could allow any attacker with a valid username/password 
combination to gain command shell access to the server where IMAPD is 
answering requests.

Risk Level: High

How To Fix: Upgrading to the latest version of IMAP will correct this as well 
as other vulnerabilities found in IMAP.

Related Links: IMAP Information Center (http://www.washington.edu/imap/)

CVE: CAN-2000-0284

BugtraqID: 1110 (http://www.securityfocus.com/bid/1110)

I've seen the advisory in the past, but didn't think it was relevant for the 
Cobalt RaQs due to the crippled IMAP implementation. Can anyone shed more 
light on this matter and tell if we're affected by this problem or not? 

Thanks!

-- 

With best regards,

Michael Stauber
mstauber@xxxxxxxxxxxxxx
Unix/Linux Support Engineer

Prev by Date: RE: [cobalt-security] RE: Si Becker <71362.22@xxxxxxxxxxxxxx>
Next by Date: RE:[cobalt-security] Securing RAQ3
Previous by thread: Re: [cobalt-security] Securing RAQ3
Next by thread: [cobalt-security] Re:Securing RAQ3

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index