Date: Wed, 12 Feb 2020 14:05:02 +0200
From: Aki Tuomi <aki.tuomi@...ecot.fi>
To: oss-security <oss-security@...ts.openwall.com>, full-disclosure <full-disclosure@...ts.openwall.com>
Subject: CVE-2020-7046: Dovecot: Truncated UTF-8 can be used to DoS submission-login and lmtp processes

Open-Xchange Security Advisory 2020-02-12

Affected product: Dovecot Core
Internal reference: DOV-3744 (JIRA ID)
Vulnerability type: Improper Input Validation (CWE-30)
Vulnerable version: 2.3.9
Vulnerable component: submission-login, lmtp
Fixed version: 184.108.40.206
Report confidence: Confirmed
Solution status: Fixed
Researcher credits: Open-Xchange oy
Vendor notification: 2020-01-14
CVE reference: CVE-2020-7046
CVSS: 7.5 (CVSS3.1:AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Vulnerability Details:
lib-smtp does not handle truncated command parameters properly, resulting in an infinite loop that takes 100% CPU for the affected process. This happens for LMTP (where it matters less) and also for submission-login, where unauthenticated users can trigger it.

Risk:
An attacker can cause submission-login and lmtp processes to be exhausted, leading to denial of service and CPU resource exhaustion.

Solution:
Upgrade to 220.127.116.11.
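To make the bug class concrete, the following is an added example (not Dovecot's lib-smtp code; function names are hypothetical) of decoding UTF-8 in an SMTP command parameter so that a multi-byte sequence cut off by the end of the buffer is rejected once rather than re-tried forever:

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical illustration, not Dovecot's lib-smtp code. Decode one UTF-8
 * sequence from an SMTP command parameter; return bytes consumed, or 0 when
 * the sequence is invalid or cut off by the end of the buffer. That last case
 * is the bug class in this advisory: a caller that treats "0 consumed" as
 * "not yet, try again" never advances and spins at 100% CPU. */
static size_t utf8_decode_one(const unsigned char *p, size_t len, uint32_t *cp)
{
    size_t need, i;
    uint32_t c;
    if (len == 0)
        return 0;
    if (p[0] < 0x80) { *cp = p[0]; return 1; }
    if ((p[0] & 0xE0) == 0xC0) { need = 2; c = p[0] & 0x1F; }
    else if ((p[0] & 0xF0) == 0xE0) { need = 3; c = p[0] & 0x0F; }
    else if ((p[0] & 0xF8) == 0xF0) { need = 4; c = p[0] & 0x07; }
    else return 0;                    /* stray continuation or invalid lead byte */
    if (len < need)
        return 0;                     /* truncated: buffer ends mid-sequence */
    for (i = 1; i < need; i++) {
        if ((p[i] & 0xC0) != 0x80)
            return 0;                 /* bad continuation byte */
        c = (c << 6) | (p[i] & 0x3F);
    }
    /* reject overlong forms, UTF-16 surrogates and code points above U+10FFFF */
    if ((need == 2 && c < 0x80) || (need == 3 && c < 0x800) ||
        (need == 4 && c < 0x10000) || c > 0x10FFFF || (c >= 0xD800 && c <= 0xDFFF))
        return 0;
    *cp = c;
    return need;
}

/* Validate a whole parameter: 1 if well-formed UTF-8, 0 otherwise. Every loop
 * iteration either consumes at least one byte or returns, so the loop always
 * terminates. The unsafe variant is "if (n == 0) continue;". */
int smtp_param_utf8_valid(const char *param, size_t len)
{
    const unsigned char *p = (const unsigned char *)param;
    size_t off = 0, n;
    uint32_t cp;
    while (off < len) {
        n = utf8_decode_one(p + off, len - off, &cp);
        if (n == 0)
            return 0;                 /* invalid or truncated: fail closed */
        off += n;
    }
    return 1;
}
```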