oss-sec mailing list archives
CVE request: dovecot : "APPEND" Parameters Processing Denial of Service Vulnerability
From: Agostino Sarubbo <ago () gentoo org>
Date: Tue, 21 May 2013 20:58:04 +0200
From the secunia advisory SA53492[1] :
Description A vulnerability has been reported in Dovecot, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to an error within IMAP functionality when processing the "APPEND" parameters and can be exploited to cause a hang. The vulnerability is reported in version 2.2. Solution Update to version 2.2.2. Provided and/or discovered by Reported by the vendor. Original Advisory http://www.dovecot.org/list/dovecot-news/2013-May/000255.html Commit: http://hg.dovecot.org/dovecot-2.2/rev/ea0390e1789f [1]: https://secunia.com/advisories/53492/ -- Agostino Sarubbo Gentoo Linux Developer
Current thread:
- CVE request: dovecot : "APPEND" Parameters Processing Denial of Service Vulnerability Agostino Sarubbo (May 21)
- Re: CVE request: dovecot : "APPEND" Parameters Processing Denial of Service Vulnerability Huzaifa Sidhpurwala (May 22)
- Re: CVE request: dovecot : "APPEND" Parameters Processing Denial of Service Vulnerability Jan Lieskovsky (May 22)
- Re: CVE request: dovecot : "APPEND" Parameters Processing Denial of Service Vulnerability Timo Sirainen (May 22)
- Re: CVE request: dovecot : "APPEND" Parameters Processing Denial of Service Vulnerability Kurt Seifried (May 24)
- Re: CVE request: dovecot : "APPEND" Parameters Processing Denial of Service Vulnerability Timo Sirainen (May 22)