Message-ID: <df88d6a7-2a82-7fce-9701-1336d104048a@dovecot.fi>
Date: Wed, 12 Feb 2020 14:05:37 +0200
From: Aki Tuomi <aki.tuomi@...ecot.fi>
To: oss-security <oss-security@...ts.openwall.com>,
 full-disclosure <full-disclosure@...ts.openwall.com>
Subject: CVE-2020-7957: Dovecot: Specially crafted mail can crash snippet generation

Open-Xchange Security Advisory 2020-02-12

Affected product: Dovecot Core
Internal reference: DOV-3743 (JIRA ID)
Vulnerability type: Improper Input Validation (CWE-20)
Vulnerable version: 2.3.9
Vulnerable component: lmtp, imap
Fixed version: 2.3.9.3
Report confidence: Confirmed
Solution status: Fixed
Researcher credits: Open-Xchange oy
Vendor notification: 2020-01-14
CVE reference: CVE-2020-7957
CVSS: 3.1 (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L)

Vulnerability Details:

Snippet generation crashes if all of the following hold:

  - the message is large enough that the message parser returns multiple
    body blocks,
  - the first block(s) do not contain the full snippet (e.g. they are full
    of whitespace), and
  - the input ends with '>'.
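
The three conditions above are all about state that a streaming snippet
generator must carry across body-block boundaries. The following is an
added illustration, not Dovecot's code and not a reconstruction of the
fixed bug: a small snippet extractor for text/plain bodies that collapses
whitespace, skips quoted lines (lines beginning with '>'), keeps all of its
state in the object so a block boundary may fall anywhere, and never needs
to look past the end of the current block, so a body that ends in '>' is
handled. The block size and snippet length are assumptions, and the test
body is constructed to meet the advisory's conditions.

```python
"""Streaming snippet extraction over chunked message bodies (illustration)."""
from typing import Iterable, Iterator, List

BLOCK_SIZE = 8192     # assumed; the real parser's block size is not stated in the advisory
SNIPPET_CHARS = 60    # assumed snippet length


def iter_body_blocks(body: bytes, block_size: int = BLOCK_SIZE) -> Iterator[bytes]:
    """Split a body into fixed-size blocks, the way a message parser hands
    a large body to the snippet generator piece by piece."""
    for off in range(0, len(body), block_size):
        yield body[off:off + block_size]


class SnippetBuilder:
    """Collapse whitespace and skip quoted lines (lines starting with '>').

    All parser state lives in the instance, so a block boundary can fall
    anywhere (including between a newline and the '>' that follows it) and
    the input may end on a '>' without any lookahead past the buffer."""

    def __init__(self, max_chars: int = SNIPPET_CHARS) -> None:
        self.max_chars = max_chars
        self.chars: List[str] = []
        self.at_line_start = True
        self.in_quoted_line = False
        self.pending_space = False

    def feed(self, block: bytes) -> bool:
        """Consume one block. Returns True once the snippet is full, so the
        caller can stop reading further blocks."""
        for byte in block:
            ch = chr(byte) if byte < 0x80 else '?'   # non-ASCII is not the point here
            if self.in_quoted_line:
                if ch == '\n':
                    self.in_quoted_line = False
                    self.at_line_start = True
                continue
            if self.at_line_start and ch == '>':
                # Quote marker: drop the rest of this line. Nothing after the
                # '>' is required, so a body ending right here is fine.
                self.in_quoted_line = True
                self.at_line_start = False
                continue
            self.at_line_start = (ch == '\n')
            if ch.isspace():
                # Runs of whitespace collapse to one space; leading whitespace
                # (whole blocks of it) produces nothing at all.
                self.pending_space = bool(self.chars)
                continue
            if self.pending_space:
                self.chars.append(' ')
                self.pending_space = False
            self.chars.append(ch)
            if len(self.chars) >= self.max_chars:
                return True
        return False

    def snippet(self) -> str:
        return ''.join(self.chars[:self.max_chars])


def make_snippet(blocks: Iterable[bytes], max_chars: int = SNIPPET_CHARS) -> str:
    """Feed blocks until the snippet is full or the input ends."""
    builder = SnippetBuilder(max_chars)
    for block in blocks:
        if builder.feed(block):
            break
    return builder.snippet()


# Constructed test body meeting all three conditions from the advisory:
# more than BLOCK_SIZE bytes so the parser yields several blocks, leading
# blocks that are nothing but whitespace, and a body that ends in '>'.
CRAFTED_BODY = b" " * (3 * BLOCK_SIZE) + b"Hello from the test message\n>"

if __name__ == "__main__":
    print(repr(make_snippet(iter_body_blocks(CRAFTED_BODY))))
```

Running it prints the snippet of the crafted body; the same builder can be
driven with a tiny block size to verify that a boundary between the newline
and the '>' of a quoted line does not change the result.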

Risk:

A specially crafted e-mail can crash the lmtp or imap process during
snippet generation, leaving the mail permanently inaccessible in the
mailbox or stuck in delivery.

Solution:

Upgrade to 2.3.9.3