Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 22 May 2013 16:20:30 +0530
From: Huzaifa Sidhpurwala <huzaifas@...hat.com>
To: oss-security@...ts.openwall.com
CC: Agostino Sarubbo <ago@...too.org>
Subject: Re: CVE request: dovecot : "APPEND" Parameters Processing
 Denial of Service Vulnerability

On 05/22/2013 12:28 AM, Agostino Sarubbo wrote:
> From the secunia advisory SA53492[1] :
> 
> Description
> A vulnerability has been reported in Dovecot, which can be exploited by 
> malicious users to cause a DoS (Denial of Service).
> 
> The vulnerability is caused due to an error within IMAP functionality when 
> processing the "APPEND" parameters and can be exploited to cause a hang.
> 
> The vulnerability is reported in version 2.2.
> 
> 
> Solution
> Update to version 2.2.2.
> 
> Provided and/or discovered by
> Reported by the vendor.
> 
> Original Advisory
> http://www.dovecot.org/list/dovecot-news/2013-May/000255.html
> 
> Commit:
> http://hg.dovecot.org/dovecot-2.2/rev/ea0390e1789f
> 
> [1]: https://secunia.com/advisories/53492/
> 

Note: I found a similar commit in dovecot-2.2 repo:

http://hg.dovecot.org/dovecot-2.2/rev/0b7039a614f7

the commit message says " imap: Fixed assert-crash on invalid APPEND
parameters."

I am not very familiar with the dovecot code, but taking a brief look
suggests that parsing APPEND in some way could result in hitting assert.

-- 
Huzaifa Sidhpurwala / Red Hat Security Response Team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.