CVE-2011-1929

EPSS 4.3%

dovecot - programming error

發布日:2011/5/24修改日:2026/4/28

也稱為:DEBIAN-CVE-2011-1929

描述

lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.

受影響套件(2)

Debian/dovecotfrom 0, < 1:2.0.13-1
Debian/dovecotfrom 0, < 1:1.2.15-7

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-1929