CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
Low
EPSS
Percentile
95.9%
Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to “yes,” allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file.
Vendor | Product | Version | CPE |
---|---|---|---|
timo_sirainen | dovecot | 1.0 | cpe:2.3:a:timo_sirainen:dovecot:1.0:*:*:*:*:*:*:* |
timo_sirainen | dovecot | 1.0.alpha1 | cpe:2.3:a:timo_sirainen:dovecot:1.0.alpha1:*:*:*:*:*:*:* |
timo_sirainen | dovecot | 1.0.alpha2 | cpe:2.3:a:timo_sirainen:dovecot:1.0.alpha2:*:*:*:*:*:*:* |
timo_sirainen | dovecot | 1.0.alpha3 | cpe:2.3:a:timo_sirainen:dovecot:1.0.alpha3:*:*:*:*:*:*:* |
timo_sirainen | dovecot | 1.0.alpha4 | cpe:2.3:a:timo_sirainen:dovecot:1.0.alpha4:*:*:*:*:*:*:* |
timo_sirainen | dovecot | 1.0.alpha5 | cpe:2.3:a:timo_sirainen:dovecot:1.0.alpha5:*:*:*:*:*:*:* |
timo_sirainen | dovecot | 1.0.beta1 | cpe:2.3:a:timo_sirainen:dovecot:1.0.beta1:*:*:*:*:*:*:* |
timo_sirainen | dovecot | 1.0.beta2 | cpe:2.3:a:timo_sirainen:dovecot:1.0.beta2:*:*:*:*:*:*:* |
timo_sirainen | dovecot | 1.0.beta3 | cpe:2.3:a:timo_sirainen:dovecot:1.0.beta3:*:*:*:*:*:*:* |
timo_sirainen | dovecot | 1.0.beta4 | cpe:2.3:a:timo_sirainen:dovecot:1.0.beta4:*:*:*:*:*:*:* |
dovecot.org/list/dovecot-news/2006-November/000023.html
dovecot.org/pipermail/dovecot-news/2006-November/000024.html
secunia.com/advisories/23007
secunia.com/advisories/23150
secunia.com/advisories/23172
secunia.com/advisories/23213
securitytracker.com/id?1017288
www.novell.com/linux/security/advisories/2006_73_mono.html
www.securityfocus.com/archive/1/452081/100/0/threaded
www.securityfocus.com/bid/21183/info
www.ubuntu.com/usn/usn-387-1
www.vupen.com/english/advisories/2006/4614
exchange.xforce.ibmcloud.com/vulnerabilities/30433
issues.rpath.com/browse/RPL-802