The imap package provides server daemons for both the IMAP (Internet
Message Access Protocol) and POP (Post Office Protocol) mail access
protocols.
A buffer overflow flaw was found in the c-client IMAP client. An attacker
could create a malicious IMAP server that if connected to by a victim could
execute arbitrary code on the client machine. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0297
to this issue.
Users of imap are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | ia64 | imap-devel | < 2001a-11.0as | imap-devel-2001a-11.0as.ia64.rpm |
RedHat | any | ia64 | imap | < 2001a-11.0as | imap-2001a-11.0as.ia64.rpm |
RedHat | any | i386 | imap-devel | < 2001a-11.0as | imap-devel-2001a-11.0as.i386.rpm |
RedHat | any | i386 | imap | < 2001a-11.0as | imap-2001a-11.0as.i386.rpm |