Date: Tue, 21 May 2013 20:58:04 +0200 From: Agostino Sarubbo <ago@...too.org> To: oss-security@...ts.openwall.com Subject: CVE request: dovecot : "APPEND" Parameters Processing Denial of Service Vulnerability >From the secunia advisory SA53492 : Description A vulnerability has been reported in Dovecot, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to an error within IMAP functionality when processing the "APPEND" parameters and can be exploited to cause a hang. The vulnerability is reported in version 2.2. Solution Update to version 2.2.2. Provided and/or discovered by Reported by the vendor. Original Advisory http://www.dovecot.org/list/dovecot-news/2013-May/000255.html Commit: http://hg.dovecot.org/dovecot-2.2/rev/ea0390e1789f : https://secunia.com/advisories/53492/ -- Agostino Sarubbo Gentoo Linux Developer
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.