dovecot: denial of service, possible mailbox corruption
| Package(s): | dovecot |
CVE #(s): | CVE-2011-1929
|
| Created: | May 26, 2011 |
Updated: | September 23, 2011 |
| Description: |
From the Mandriva advisory:
lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and
2.0.x before 2.0.13 does not properly handle '\0' (NUL) characters
in header names, which allows remote attackers to cause a denial of
service (daemon crash or mailbox corruption) via a crafted e-mail
message (CVE-2011-1929).
|
| Alerts: |
| Gentoo |
201110-04 |
dovecot |
2011-10-10 |
| CentOS |
CESA-2011:1187 |
dovecot |
2011-09-22 |
| CentOS |
CESA-2011:1187 |
dovecot |
2011-08-19 |
| Scientific Linux |
SL-dove-20110818 |
dovecot |
2011-08-18 |
| Red Hat |
RHSA-2011:1187-01 |
dovecot |
2011-08-18 |
| Fedora |
FEDORA-2011-7612 |
dovecot |
2011-05-27 |
| Debian |
DSA-2252-1 |
dovecot |
2011-06-02 |
| Ubuntu |
USN-1143-1 |
dovecot |
2011-06-02 |
| SUSE |
SUSE-SR:2011:010 |
postfix, libthunarx-2-0, rdesktop, python, viewvc, kvm, exim, logrotate, dovecot12/dovecot20, pure-ftpd, kdelibs4 |
2011-05-31 |
| Fedora |
FEDORA-2011-7258 |
dovecot |
2011-05-19 |
| Fedora |
FEDORA-2011-7268 |
dovecot |
2011-05-19 |
| openSUSE |
openSUSE-SU-2011:0540-1 |
dovecot |
2011-05-26 |
| Mandriva |
MDVSA-2011:101 |
dovecot |
2011-05-26 |
|
