what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2011-1929

Status Candidate

Overview

lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.

Related Files

Red Hat Security Advisory 2011-1187-01
Posted Aug 19, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1187-01 - Dovecot is an IMAP server for Linux, UNIX, and similar operating systems, primarily written with security in mind. A denial of service flaw was found in the way Dovecot handled NULL characters in certain header names. A mail message with specially-crafted headers could cause the Dovecot child process handling the target user's connection to crash, blocking them from downloading the message successfully and possibly leading to the corruption of their mailbox. Users of dovecot are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the updated packages, the dovecot service will be restarted automatically.

tags | advisory, denial of service, imap
systems | linux, redhat, unix
advisories | CVE-2011-1929
SHA-256 | 66b39592d5b628556923975d937e6ea8db9f542bb93aafbf43312ca9b355d6d5
Ubuntu Security Notice USN-1143-1
Posted Jun 2, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1143-1 - It was discovered that the message header parser in Dovecot did not properly handle '\0' characters in header names. This could allow a remote attacker to cause a denial of service through a crafted email message by crashing the Dovecot daemon or corrupting mailboxes.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2011-1929
SHA-256 | 8e2a9e84338724a89034dfdf86bbff31632c42c0596a7577e20fe4e52ebd53e6
Mandriva Linux Security Advisory 2011-101
Posted May 26, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-101 - lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service via a crafted e-mail message.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2011-1929
SHA-256 | 35441f3acca0c62584cc4ccaf85769dcc37fed324a8a8c976f3e8c4d50eeaf10
Debian Security Advisory 2252-1
Posted Jun 2, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2252-1 - It was discovered that the message header parser in the Dovecot mail server parsed NUL characters incorrectly, which could lead to denial of service through malformed mail headers.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2011-1929
SHA-256 | 17c1016f6e148f176b63126765730b040726b057399b3a1b69c0ae4106f335bb
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close