Описание
ELSA-2011-1187: dovecot security update (MODERATE)
[1:2.0.9-2.1]
- fix potential crash when parsing header names that contain NUL characters (#728672)
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
dovecot
1.0.7-7.el5_7.1
Oracle Linux x86_64
dovecot
1.0.7-7.el5_7.1
Oracle Linux i386
dovecot
1.0.7-7.el5_7.1
Oracle Linux 6
Oracle Linux x86_64
dovecot
2.0.9-2.el6_1.1
dovecot-devel
2.0.9-2.el6_1.1
dovecot-mysql
2.0.9-2.el6_1.1
dovecot-pgsql
2.0.9-2.el6_1.1
dovecot-pigeonhole
2.0.9-2.el6_1.1
Oracle Linux i686
dovecot
2.0.9-2.el6_1.1
dovecot-devel
2.0.9-2.el6_1.1
dovecot-mysql
2.0.9-2.el6_1.1
dovecot-pgsql
2.0.9-2.el6_1.1
dovecot-pigeonhole
2.0.9-2.el6_1.1
Связанные CVE
Связанные уязвимости
lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.
lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.
lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.
lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2. ...
lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.