The problem can be corrected by upgrading the affected package to
version 4.2.5-3.5ubuntu0.4.10 (for Ubuntu 4.10), 4.2.5-3.5ubuntu0.5.04
(for Ubuntu 5.04), or 4.2.5-5ubuntu0.1 (for Ubuntu 5.10). After a
standard system upgrade you need to restart the cyrus email
(with root privileges, e. g. with using sudo).
USN-190-1 fixed a vulnerability in the net-snmp library. It was
discovered that the same problem also affects the ucs-snmp
implementation (which is used by the Cyrus email server).
A remote Denial of Service has been discovered in the SMNP (Simple
Network Management Protocol) library. If a SNMP agent uses TCP sockets
for communication, a malicious SNMP server could exploit this to crash
the agent. Please note that by default SNMP uses UDP sockets.