Mac OS X Server v10.6.5: memory aliasing Vulnerability

Users of Mac OS X Server v10.6.5 please be advised of a memory aliasing vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

APPLE-SA-2010-11-15-1: [APPLE-SA-2010-11-15-1] Mac OS X Server v10.6.5 (10H575)
Description: A memory aliasing issue in Dovecot’s handling of user

names exists in Mac OS X Server v10.6.5 (10H574). On systems

configured with Dovecot as a mail server, a user may receive mail

that was intended for other users. This issue is addressed through

improved memory management. Dovecot is only provided with Mac OS X

Server systems. This issue only affects systems running Mac OS X

Server v10.6.5 (10H574). This issue does not affect the Dovecot open

source project.

Read more at http://www.criticalwatch.com
 

Advertisements