SB2011052502 - Multiple vulnerabilities in Dovecot
Published: May 25, 2011 Updated: August 11, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 vulnerabilities.
1) Input validation error (CVE-ID: CVE-2011-1929)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '�' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.
2) Configuration (CVE-ID: CVE-2011-2166)
CWE-ID: CWE-16 - Configuration
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote #AU# to read and manipulate data.
script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script.
3) Path traversal (CVE-ID: CVE-2011-2167)
CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote #AU# to read and manipulate data.
script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.
Remediation
Install update from vendor's website.
References
- http://dovecot.org/pipermail/dovecot/2011-May/059085.html
- http://dovecot.org/pipermail/dovecot/2011-May/059086.html
- http://hg.dovecot.org/dovecot-1.1/rev/3698dfe0f21c
- http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061384.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060815.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060825.html
- http://openwall.com/lists/oss-security/2011/05/18/4
- http://openwall.com/lists/oss-security/2011/05/19/3
- http://openwall.com/lists/oss-security/2011/05/19/6
- http://osvdb.org/72495
- http://secunia.com/advisories/44683
- http://secunia.com/advisories/44712
- http://secunia.com/advisories/44756
- http://secunia.com/advisories/44771
- http://secunia.com/advisories/44827
- http://www.debian.org/security/2011/dsa-2252
- http://www.dovecot.org/doc/NEWS-1.2
- http://www.dovecot.org/doc/NEWS-2.0
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:101
- http://www.redhat.com/support/errata/RHSA-2011-1187.html
- http://www.securityfocus.com/bid/47930
- http://www.ubuntu.com/usn/USN-1143-1
- https://bugzilla.redhat.com/show_bug.cgi?id=706286
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67589
- https://hermes.opensuse.org/messages/8581790
- http://rhn.redhat.com/errata/RHSA-2013-0520.html
- http://secunia.com/advisories/52311
- http://www.securityfocus.com/bid/48003
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67675
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67674