Date: Tue, 21 May 2013 20:58:04 +0200 From: Agostino Sarubbo <ago@...too.org> To: oss-security@...ts.openwall.com Subject: CVE request: dovecot : "APPEND" Parameters Processing Denial of Service Vulnerability >From the secunia advisory SA53492 : Description A vulnerability has been reported in Dovecot, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to an error within IMAP functionality when processing the "APPEND" parameters and can be exploited to cause a hang. The vulnerability is reported in version 2.2. Solution Update to version 2.2.2. Provided and/or discovered by Reported by the vendor. Original Advisory http://www.dovecot.org/list/dovecot-news/2013-May/000255.html Commit: http://hg.dovecot.org/dovecot-2.2/rev/ea0390e1789f : https://secunia.com/advisories/53492/ -- Agostino Sarubbo Gentoo Linux Developer
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.