Mailinglist Archive: opensuse-security (145 mails)

< Previous Next >
Cyrus remote vulnerability
what about vulnerabilities reported here :

is someone working on an update ?
even if most of the advisories concern authenticated users (someone with
a valid account) they can permit remote code execution (with cyrus user
privileges I think,so an attacker could remove all mailboxes on the
server for instance).

will patches be available soon ? any news ? the vendor has yet corrected
the bug.


YACME S.r.l.
Via del Mobiliere, 9 40138 Bologna
Phone: +39 051 538709
Fax: +39 051 532399

< Previous Next >
Follow Ups