Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Thu, 17 Sep 2009 09:36:32 +0200
From: Tomas Hoger <thoger@...hat.com>
To: oss-security@...ts.openwall.com
Cc: coley@...us.mitre.org
Subject: Re: CVE for recent cyrus-imap issue

On Wed, 16 Sep 2009 21:31:52 -0400 (EDT) "Steven M. Christey"
<coley@...us.mitre.org> wrote:

> CVE-2009-3235 is the new one; CVE-2009-2632 has been updated to list
> Dovecot.

Thank you!

> Name: CVE-2009-3235
> 
> Multiple stack-based buffer overflows in the Sieve plugin in Dovecot
> 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve,
> allow context-dependent attackers to cause a denial of service (crash)
> and possibly execute arbitrary code via a crafted SIEVE script, as
> demonstrated by forwarding an e-mail message to a large number of
> recipients, a different vulnerability than CVE-2009-2632.

These flaws are not specific to Dovecot and exist in cyrus-imapd too.
Upstream already applied Dovecot fixes in their CVS:

https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sieve/sieve.y.diff?r1=1.40;r2=1.41;f=h
https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sieve/bc_eval.c.diff?r1=1.14;r2=1.15;f=h
https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sieve/script.c.diff?r1=1.68;r2=1.69;f=h

Sorry if my mail was confusing at that point.

-- 
Tomas Hoger / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.