oss-sec mailing list archives
Re: CVE request: dovecot : "APPEND" Parameters Processing Denial of Service Vulnerability
From: Huzaifa Sidhpurwala <huzaifas () redhat com>
Date: Wed, 22 May 2013 16:20:30 +0530
On 05/22/2013 12:28 AM, Agostino Sarubbo wrote:
From the secunia advisory SA53492[1] :

Description
A vulnerability has been reported in Dovecot, which can be exploited by malicious users to cause a DoS (Denial of Service).

The vulnerability is caused due to an error within IMAP functionality when processing the "APPEND" parameters and can be exploited to cause a hang.

The vulnerability is reported in version 2.2.

Solution
Update to version 2.2.2.

Provided and/or discovered by
Reported by the vendor.

Original Advisory
http://www.dovecot.org/list/dovecot-news/2013-May/000255.html

Commit:
http://hg.dovecot.org/dovecot-2.2/rev/ea0390e1789f

[1]: https://secunia.com/advisories/53492/
Note: I found a similar commit in dovecot-2.2 repo:
http://hg.dovecot.org/dovecot-2.2/rev/0b7039a614f7

the commit message says "imap: Fixed assert-crash on invalid APPEND parameters."

I am not very familiar with the dovecot code, but taking a brief look suggests that parsing APPEND in some way could result in hitting assert.

--
Huzaifa Sidhpurwala / Red Hat Security Response Team