Cyrus IMAP Server: Multiple vulnerabilities

Cyrus IMAP Server: Multiple vulnerabilities The Cyrus IMAP Server is affected by multiple vulnerabilities which could potentially lead to the remote execution of arbitrary code or a Denial of Service. Cyrus IMAP Server 2011-10-22 2011-10-22 283596 382349 385729 local, remote 2.4.12 2.4.12

The Cyrus IMAP Server is an efficient, highly-scalable IMAP e-mail server.

Multiple vulnerabilities have been discovered in the Cyrus IMAP Server. Please review the CVE identifiers referenced below for details.

An unauthenticated local or remote attacker may be able to execute arbitrary code with the privileges of the Cyrus IMAP Server process or cause a Denial of Service.

There is no known workaround at this time.

All Cyrus IMAP Server users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=net-mail/cyrus-imapd-2.4.12"

CVE-2009-2632 CVE-2011-3208 CVE-2011-3481 a3li underling