Courier-IMAP Username SQL Injection Vulnerability

Courier-IMAP Username SQL Injection Vulnerability

Solution:
The vendor has addressed this issue in the latest version of Courier-IMAP.

Debian has released an advisory containing fixes. Information about obtaining and installing updates are available in the referenced advisory. Users of the apt-get system are able to issue either of the following commands to update their systems:

apt-get update
apt-get upgrade

Double Precision Incorporated Courier MTA 0.37.3

Debian courier-authpostgresql_0.37.3-3.3_alpha.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-aut hpostgresql_0.37.3-3.3_alpha.deb

Debian courier-authpostgresql_0.37.3-3.3_arm.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-aut hpostgresql_0.37.3-3.3_arm.deb

Debian courier-authpostgresql_0.37.3-3.3_hppa.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-aut hpostgresql_0.37.3-3.3_hppa.deb

Debian courier-authpostgresql_0.37.3-3.3_i386.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-aut hpostgresql_0.37.3-3.3_i386.deb

Debian courier-authpostgresql_0.37.3-3.3_ia64.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-aut hpostgresql_0.37.3-3.3_ia64.deb

Debian courier-authpostgresql_0.37.3-3.3_m68k.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-aut hpostgresql_0.37.3-3.3_m68k.deb

Debian courier-authpostgresql_0.37.3-3.3_mips.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-aut hpostgresql_0.37.3-3.3_mips.deb

Debian courier-authpostgresql_0.37.3-3.3_mipsel.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-aut hpostgresql_0.37.3-3.3_mipsel.deb

Debian courier-authpostgresql_0.37.3-3.3_powerpc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-aut hpostgresql_0.37.3-3.3_powerpc.deb

Debian courier-authpostgresql_0.37.3-3.3_s390.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-aut hpostgresql_0.37.3-3.3_s390.deb

Debian courier-authpostgresql_0.37.3-3.3_sparc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-aut hpostgresql_0.37.3-3.3_sparc.deb

Debian courier-imap-ssl_1.4.3-3.3_alpha.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-ima p-ssl_1.4.3-3.3_alpha.deb

Debian courier-imap-ssl_1.4.3-3.3_arm.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-ima p-ssl_1.4.3-3.3_arm.deb

Debian courier-imap-ssl_1.4.3-3.3_hppa.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-ima p-ssl_1.4.3-3.3_hppa.deb

Debian courier-imap-ssl_1.4.3-3.3_i386.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-ima p-ssl_1.4.3-3.3_i386.deb

Debian courier-imap-ssl_1.4.3-3.3_ia64.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-ima p-ssl_1.4.3-3.3_ia64.deb

Debian courier-imap-ssl_1.4.3-3.3_m68k.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-ima p-ssl_1.4.3-3.3_m68k.deb

Debian courier-imap-ssl_1.4.3-3.3_mips.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-ima p-ssl_1.4.3-3.3_mips.deb

Debian courier-imap-ssl_1.4.3-3.3_mipsel.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-ima p-ssl_1.4.3-3.3_mipsel.deb

Debian courier-imap-ssl_1.4.3-3.3_powerpc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-ima p-ssl_1.4.3-3.3_powerpc.deb

Debian courier-imap-ssl_1.4.3-3.3_s390.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-ima p-ssl_1.4.3-3.3_s390.deb

Debian courier-imap-ssl_1.4.3-3.3_sparc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-ima p-ssl_1.4.3-3.3_sparc.deb

Debian courier-mta-ssl_0.37.3-3.3_alpha.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-mta -ssl_0.37.3-3.3_alpha.deb

Debian courier-mta-ssl_0.37.3-3.3_arm.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-mta -ssl_0.37.3-3.3_arm.deb

Debian courier-mta-ssl_0.37.3-3.3_hppa.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-mta -ssl_0.37.3-3.3_hppa.deb

Debian courier-mta-ssl_0.37.3-3.3_i386.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-mta -ssl_0.37.3-3.3_i386.deb

Debian courier-mta-ssl_0.37.3-3.3_ia64.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-mta -ssl_0.37.3-3.3_ia64.deb

Debian courier-mta-ssl_0.37.3-3.3_m68k.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-mta -ssl_0.37.3-3.3_m68k.deb

Debian courier-mta-ssl_0.37.3-3.3_mips.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-mta -ssl_0.37.3-3.3_mips.deb

Debian courier-mta-ssl_0.37.3-3.3_mipsel.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-mta -ssl_0.37.3-3.3_mipsel.deb

Debian courier-mta-ssl_0.37.3-3.3_powerpc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-mta -ssl_0.37.3-3.3_powerpc.deb

Debian courier-mta-ssl_0.37.3-3.3_s390.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-mta -ssl_0.37.3-3.3_s390.deb

Debian courier-mta-ssl_0.37.3-3.3_sparc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-mta -ssl_0.37.3-3.3_sparc.deb

Debian courier-pop-ssl_0.37.3-3.3_alpha.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-pop -ssl_0.37.3-3.3_alpha.deb

Debian courier-pop-ssl_0.37.3-3.3_arm.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-pop -ssl_0.37.3-3.3_arm.deb

Debian courier-pop-ssl_0.37.3-3.3_hppa.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-pop -ssl_0.37.3-3.3_hppa.deb

Debian courier-pop-ssl_0.37.3-3.3_i386.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-pop -ssl_0.37.3-3.3_i386.deb

Debian courier-pop-ssl_0.37.3-3.3_ia64.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-pop -ssl_0.37.3-3.3_ia64.deb

Debian courier-pop-ssl_0.37.3-3.3_m68k.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-pop -ssl_0.37.3-3.3_m68k.deb

Debian courier-pop-ssl_0.37.3-3.3_mips.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-pop -ssl_0.37.3-3.3_mips.deb

Debian courier-pop-ssl_0.37.3-3.3_mipsel.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-pop -ssl_0.37.3-3.3_mipsel.deb

Debian courier-pop-ssl_0.37.3-3.3_powerpc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-pop -ssl_0.37.3-3.3_powerpc.deb

Debian courier-pop-ssl_0.37.3-3.3_s390.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-pop -ssl_0.37.3-3.3_s390.deb

Debian courier-pop-ssl_0.37.3-3.3_sparc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-pop -ssl_0.37.3-3.3_sparc.deb

Debian courier-ssl_0.37.3-3.3_alpha.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-ssl _0.37.3-3.3_alpha.deb

Debian courier-ssl_0.37.3-3.3_arm.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-ssl _0.37.3-3.3_arm.deb

Debian courier-ssl_0.37.3-3.3_hppa.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-ssl _0.37.3-3.3_hppa.deb

Debian courier-ssl_0.37.3-3.3_i386.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-ssl _0.37.3-3.3_i386.deb

Debian courier-ssl_0.37.3-3.3_ia64.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-ssl _0.37.3-3.3_ia64.deb

Debian courier-ssl_0.37.3-3.3_m68k.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-ssl _0.37.3-3.3_m68k.deb

Debian courier-ssl_0.37.3-3.3_mips.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-ssl _0.37.3-3.3_mips.deb

Debian courier-ssl_0.37.3-3.3_mipsel.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-ssl _0.37.3-3.3_mipsel.deb

Debian courier-ssl_0.37.3-3.3_powerpc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-ssl _0.37.3-3.3_powerpc.deb

Debian courier-ssl_0.37.3-3.3_s390.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-ssl _0.37.3-3.3_s390.deb

Debian courier-ssl_0.37.3-3.3_sparc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/c/courier-ssl/courier-ssl _0.37.3-3.3_sparc.deb

Inter7 Courier-IMAP 1.6

Inter7 Courier-IMAP 1.7.0
http://www.inter7.com/courierframe.html