CVE-2009-3235 – cyrus-imapd: CMU sieve buffer overflows
https://notcve.org/view.php?id=CVE-2009-3235
Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632.
• http://dovecot.org/list/dovecot-news/2009-September/000135.html
• http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
• http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html
• http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
• http://secunia.com/advisories/36698
• http://secunia.com/advisories/36713
• http://secunia.com/advisories/36904
• http://support.apple.com/kb/HT3937
• http://www.openwall.com/lists/oss-security/2009/09/14/3
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
• CWE-121: Stack-based Buffer Overflow
CVE-2008-5301
https://notcve.org/view.php?id=CVE-2008-5301
Directory traversal vulnerability in the ManageSieve implementation in Dovecot 1.0.15, 1.1, and 1.2 allows remote attackers to read and modify arbitrary .sieve files via a ".." (dot dot) in a script name.
• http://secunia.com/advisories/32768
• http://secunia.com/advisories/36904
• http://www.dovecot.org/list/dovecot/2008-November/035259.html
• http://www.securityfocus.com/bid/32582
• http://www.ubuntu.com/usn/USN-838-1
• http://www.vupen.com/english/advisories/2008/3190
• https://exchange.xforce.ibmcloud.com/vulnerabilities/46672
• CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2008-4907 – Dovecot 1.1.x - Invalid Message Address Parsing Denial of Service
https://notcve.org/view.php?id=CVE-2008-4907
The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the FETCH ENVELOPE command in the IMAP client, allows remote attackers to cause a denial of service (persistent crash) via an email with a malformed From address, which triggers an assertion error, aka "invalid message address parsing bug."
• https://www.exploit-db.com/exploits/32551
• http://secunia.com/advisories/32479
• http://secunia.com/advisories/32677
• http://secunia.com/advisories/33149
• http://security.gentoo.org/glsa/glsa-200812-16.xml
• http://www.dovecot.org/list/dovecot-news/2008-October/000089.html
• http://www.securityfocus.com/bid/31997
• http://www.ubuntu.com/usn/usn-666-1
• https://exchange.xforce.ibmcloud.com/vulnerabilities/46227
• CWE-20: Improper Input Validation
CVE-2008-4870 – dovecot: ssl_key_password disclosure due to an insecure dovecot.conf permissions
https://notcve.org/view.php?id=CVE-2008-4870
Dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.
• http://secunia.com/advisories/32164
• http://secunia.com/advisories/33149
• http://secunia.com/advisories/33624
• http://security.gentoo.org/glsa/glsa-200812-16.xml
• http://www.openwall.com/lists/oss-security/2008/10/29/10
• http://www.redhat.com/support/errata/RHSA-2009-0205.html
• https://bugzilla.redhat.com/show_bug.cgi?id=436287
• https://exchange.xforce.ibmcloud.com/vulnerabilities/46323
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10776
• https:
• CWE-732: Incorrect Permission Assignment for Critical Resource
CVE-2008-4578
https://notcve.org/view.php?id=CVE-2008-4578
The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes.
• http://bugs.gentoo.org/show_bug.cgi?id=240409
• http://secunia.com/advisories/32164
• http://secunia.com/advisories/33149
• http://security.gentoo.org/glsa/glsa-200812-16.xml
• http://www.dovecot.org/list/dovecot-news/2008-October/000085.html
• http://www.mandriva.com/security/advisories?name=MDVSA-2008:232
• http://www.securityfocus.com/archive/1/498498/100/0/threaded
• http://www.securityfocus.com/bid/31587
• http://www.vupen.com/english/advisories/2008/2745
• https://exchange.xforce
• CWE-264: Permissions, Privileges, and Access Controls