Lucene search
AnonymousEDB-ID:32551HistoryOct 30, 2008 - 12:00 a.m.
Dovecot 1.1.x - Invalid Message Address Parsing Denial of Service
2008-10-3000:00:00
anonymous
www.exploit-db.com
21
AI Score
7.4
Confidence
Low
source: https://www.securityfocus.com/bid/31997/info
Dovecot is prone to a remote denial-of-service vulnerability because it fails to handle certain specially crafted email headers.
An attacker can exploit this issue to prevent recipients from accessing their mailboxes.
For an exploit to succeed, the IMAP client connecting to Dovecot must use the FETCH ENVELOPE command.
The issue affects Dovecot 1.1.4 and 1.1.5.
The following invalid message address header is sufficient to trigger this issue:
"From: (" Related
debiancve
debiancve
CVE-2008-4907
2008-11-04 00:58:40
cvelist
cvelist
CVE-2008-4907
2008-11-04 00:00:00
nessus
nessus
Ubuntu 8.10 : dovecot vulnerability (USN-666-1)
2009-04-23 00:00:00
GLSA-200812-16 : Dovecot: Multiple vulnerabilities
2008-12-15 00:00:00
ubuntucve
ubuntucve
CVE-2008-4907
2008-11-04 00:00:00
prion
prion
Design/Logic Flaw
2008-11-04 00:58:00
openvas
openvas
Ubuntu: Security Advisory (USN-666-1)
2009-03-23 00:00:00
Ubuntu Update for dovecot vulnerability USN-666-1
2009-03-23 00:00:00
Gentoo Security Advisory GLSA 200812-16 (dovecot)
2008-12-23 00:00:00
securityvulns
securityvulns
[USN-666-1] Dovecot vulnerability
2008-11-10 00:00:00
Dovecot IMAP server DoS
2008-11-10 00:00:00
nvd
nvd
CVE-2008-4907
2008-11-04 00:58:40
cve
cve
CVE-2008-4907
2008-11-04 00:58:40
ubuntu
ubuntu
Dovecot vulnerability
2008-11-07 00:00:00
gentoo
gentoo
Dovecot: Multiple vulnerabilities
2008-12-14 00:00:00