[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-security] IMAP4rev1 v12.264
- Subject: RE: [cobalt-security] IMAP4rev1 v12.264
- From: Azi Azi <azi@xxxxxxx>
- Date: Fri, 18 Jan 2002 19:00:50 -0800 (PST)
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
No im afraid not, however I was considering updating the imap server myself (if possible) without breaking the Raq. I am hoping someone here will advise if ...
1. It possible to do
2. If if breaks anything
3. Another way of fixing the bug
Regards
Matt
>Hello Matt,
>
> I was wondering if you got any kind of response from this post? I >have not
>done any testing yet, but it looks like (from the banner) our Cube III >is
>running IMAP4rev1 v12.264. I'm going to do some testing within the >next day
>or so to see if they have patched against two known remote bugs.
>Have a great day.
>> -----Original Message-----
>> From: cobalt-security-admin@xxxxxxxxxxxxxxx
>> [mailto:cobalt-security-admin@xxxxxxxxxxxxxxx]On Behalf Of Azi Azi
>> Sent: Thursday, January 17, 2002 7:37 AM
>> To: cobalt-security@xxxxxxxxxxxxxxx
>> Subject: [cobalt-security] IMAP4rev1 v12.264
>>
>>
>> Hi,
>>
>> I noticed whilst browsing for a different issue on Imap and
>> found that the version of Imap used by the Raq4i is IMAP4rev1 v12.264.
>>
>> This particular version is vulnerable to an exploitable
>> buffer overflow (LSUB argument). Do cobalt have any plans to
>> fix/patch/update ? or did I miss a patch somewhere along the
>> line - as this was made aware 26/2/2001.
>>
>> Regards
>>
>> Matt
>>
_____________________________________________________________
Supplying Your Everyday Needs ---> http://www.t35.com