Date: Mon, 4 Jan 2021 14:03:19 +0200 From: Aki Tuomi <aki.tuomi@...ecot.fi> To: oss-security@...ts.openwall.com, fulldisclosure@...lists.org Subject: CVE-2020-25275: Dovecot: MIME parsing crash Open-Xchange Security Advisory 2021-01-04 Product: Dovecot Vendor: OX Software GmbH Internal reference: DOV-4113 (Bug ID) Vulnerability type: CWE-20: Improper Input Validation Vulnerable version: 2.3.11-22.214.171.124 Vulnerable component: lda, lmtp, imap Report confidence: Confirmed Solution status: Fixed by Vendor Fixed version: 2.3.13 Vendor notification: 2020-09-10 Solution date: 2020-09-14 Public disclosure: 2021-01-04 CVE reference: CVE-2020-25275 CVSS: 5.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) Researcher credit: Innokentii Sennovskiy (Rumata888) from BI.ZONE Vulnerability Details: Mail delivery / parsing crashed when the 10 000th MIME part was message/rfc822 (or if parent was multipart/digest). This happened due to earlier MIME parsing changes for CVE-2020-12100. Risk: Malicious sender can crash dovecot repeatedly by sending / uploading message with more than 10 000 MIME parts. Workaround: These are usually dropped by MTA, where the mitigation can also be applied. Solution: Operators should update to 2.3.13 or later version. Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.