oss-sec mailing list archives
Re: CVE for recent cyrus-imap issue
From: "Steven M. Christey" <coley () linus mitre org>
Date: Wed, 16 Sep 2009 21:31:52 -0400 (EDT)
On Mon, 14 Sep 2009, Tomas Hoger wrote:
On Tue, 8 Sep 2009 18:07:33 +0200 Nico Golde <oss-security+ml () ngolde de> wrote:CVE-2009-2632Looks like few more overflows were spotted and fixed by Dovecot upstream while fixing this issue in their copy of CMU sieve code: http://dovecot.org/list/dovecot-news/2009-September/000135.html These seem to deserve separate CVE.
CVE-2009-3235 is the new one; CVE-2009-2632 has been updated to list Dovecot. - Steve ====================================================== Name: CVE-2009-2632 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2632 Reference: MLIST:[Cyrus-CVS] 20090902 src/sieve by brong Reference: URL:https://lists.andrew.cmu.edu/pipermail/cyrus-cvs/2009-September/001253.html Reference: MLIST:[Cyrus-CVS] 20090902 src/sieve by brong Reference: URL:https://lists.andrew.cmu.edu/pipermail/cyrus-cvs/2009-September/001254.html Reference: MLIST:[Dovecot-news] 20090914 Security holes in CMU Sieve plugin Reference: URL:http://dovecot.org/list/dovecot-news/2009-September/000135.html Reference: MLIST:[oss-security] 20090914 Re: CVE for recent cyrus-imap issue Reference: URL:http://www.openwall.com/lists/oss-security/2009/09/14/3 Reference: CONFIRM:https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sieve/script.c.diff?r1=1.62&r2=1.62.2.1&only_with_tag=cyrus-imapd-2_2-tail Reference: DEBIAN:DSA-1881 Reference: URL:http://www.debian.org/security/2009/dsa-1881 Reference: FEDORA:FEDORA-2009-9559 Reference: URL:https://www.redhat.com/archives/fedora-package-announce/2009-September/msg00491.html Reference: BID:36296 Reference: URL:http://www.securityfocus.com/bid/36296 Reference: BID:36377 Reference: URL:http://www.securityfocus.com/bid/36377 Reference: OSVDB:58103 Reference: URL:http://www.osvdb.org/58103 Reference: SECUNIA:36629 Reference: URL:http://secunia.com/advisories/36629 Reference: SECUNIA:36632 Reference: URL:http://secunia.com/advisories/36632 Reference: SECUNIA:36698 Reference: URL:http://secunia.com/advisories/36698 Reference: SECUNIA:36713 Reference: URL:http://secunia.com/advisories/36713 Reference: VUPEN:ADV-2009-2559 Reference: URL:http://www.vupen.com/english/advisories/2009/2559 Reference: VUPEN:ADV-2009-2641 Reference: URL:http://www.vupen.com/english/advisories/2009/2641 Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error. ====================================================== Name: CVE-2009-3235 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3235 Reference: MLIST:[Dovecot-news] 20090914 Security holes in CMU Sieve plugin Reference: URL:http://dovecot.org/list/dovecot-news/2009-September/000135.html Reference: MLIST:[oss-security] 20090914 Re: CVE for recent cyrus-imap issue Reference: URL:http://www.openwall.com/lists/oss-security/2009/09/14/3 Reference: FEDORA:FEDORA-2009-9559 Reference: URL:https://www.redhat.com/archives/fedora-package-announce/2009-September/msg00491.html Reference: BID:36377 Reference: URL:http://www.securityfocus.com/bid/36377 Reference: OSVDB:58103 Reference: URL:http://www.osvdb.org/58103 Reference: SECUNIA:36698 Reference: URL:http://secunia.com/advisories/36698 Reference: SECUNIA:36713 Reference: URL:http://secunia.com/advisories/36713 Reference: VUPEN:ADV-2009-2641 Reference: URL:http://www.vupen.com/english/advisories/2009/2641 Reference: XF:cmu-sieve-dovecot-unspecified-bo(53248) Reference: URL:http://xforce.iss.net/xforce/xfdb/53248 Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632.
Current thread:
- CVE for recent cyrus-imap issue Sebastian Krahmer (Sep 08)
- Re: CVE for recent cyrus-imap issue Thomas Biege (Sep 08)
- Re: CVE for recent cyrus-imap issue Chad Dougherty (Sep 08)
- Re: CVE for recent cyrus-imap issue Nico Golde (Sep 08)
- Re: CVE for recent cyrus-imap issue Steven M. Christey (Sep 08)
- Re: CVE for recent cyrus-imap issue Tomas Hoger (Sep 14)
- Re: CVE for recent cyrus-imap issue Steven M. Christey (Sep 16)
- Re: CVE for recent cyrus-imap issue Tomas Hoger (Sep 17)
- Re: CVE for recent cyrus-imap issue Chad Dougherty (Sep 08)
- Re: CVE for recent cyrus-imap issue Thomas Biege (Sep 08)