LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

dovecot: buffer overflows

Package(s):dovecot CVE #(s):CVE-2009-3235
Created:September 23, 2009 Updated:October 5, 2010
Description: From the Mandriva alert: Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632 (CVE-2009-3235).
Alerts:
Gentoo 201110-04 2011-10-10
Mandriva MDVSA-2010:196 2010-10-04
Ubuntu USN-838-1 2009-09-28
Fedora FEDORA-2009-9901 2009-09-24
Fedora FEDORA-2009-9869 2009-09-24
Debian DSA-1893-1 2009-09-23
Debian DSA-1892-1 2009-09-23
Red Hat RHSA-2009:1459-04 2009-09-23
Mandriva MDVSA-2009:242-1 2009-09-22
Mandriva MDVSA-2009:242 2009-09-22
SuSE SUSE-SR:2009:018 2009-11-10
SuSE SUSE-SR:2009:016 2009-10-13
CentOS CESA-2009:1459 2009-10-30
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds