Bug 1520 - Dovecot vulnerability
Summary: Dovecot vulnerability
Status: RESOLVED INVALID
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: Cauldron
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: Mageia Bug Squad
QA Contact:
URL:
Whiteboard:
Keywords:
: 1550 (view as bug list)
Depends on:
Blocks:
 
Reported: 2011-06-02 10:49 CEST by Jérôme Soyer
Modified: 2011-08-30 12:01 CEST (History)
3 users (show)

See Also:
Source RPM: dovecot-1.2.17-1.mga1.src.rpm
CVE:
Status comment:


Attachments

Description Jérôme Soyer 2011-06-02 10:49:57 CEST
Summary:

An attacker could send a crafted email message that could disrupt email
service.

Software Description:
- dovecot: IMAP and POP3 email server

Details:

It was discovered that the message header parser in Dovecot did not
properly handle '\0' characters in header names. This could allow a
remote attacker to cause a denial of service through a crafted email
message by crashing the Dovecot daemon or corrupting mailboxes.
Comment 1 Pascal Terjan 2011-06-07 11:31:21 CEST
*** Bug 1550 has been marked as a duplicate of this bug. ***
Comment 2 Pascal Terjan 2011-06-07 11:31:34 CEST
CVE-2011-1929

CC: (none) => pterjan

Manuel Hiebel 2011-08-30 09:53:17 CEST

CC: (none) => dmorganec

Comment 3 Anne Nicolas 2011-08-30 12:01:27 CEST
Not available for Mageia as we already ship 2.1.17 version. This applies only to versions < 2.1.17

Status: NEW => RESOLVED
CC: (none) => ennael1
Resolution: (none) => INVALID


Note You need to log in before you can comment on or make changes to this bug.