Mailinglist Archive: opensuse-security (145 mails)

< Previous Next >
Cyrus remote vulnerability
what about vulnerabilities reported here :

http://security.e-matters.de/advisories/152004.html

is someone working on an update ?
even if most of the advisories concern authenticated users (someone with
a valid account) they can permit remote code execution (with cyrus user
privileges I think,so an attacker could remove all mailboxes on the
server for instance).

will patches be available soon ? any news ? the vendor has yet corrected
the bug.

regards

--
YACME S.r.l.
Via del Mobiliere, 9 40138 Bologna
Phone: +39 051 538709
Fax: +39 051 532399


< Previous Next >
Follow Ups