PublicDateAtUSN: 2009-09-08 Candidate: CVE-2009-2632 PublicDate: 2009-09-08 23:30:00 UTC References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2632 http://dovecot.org/list/dovecot-news/2009-September/000135.html https://ubuntu.com/security/notices/USN-838-1 Description: Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error. Ubuntu-Description: Notes: mdeslaur> version specified is of dovecot-sieve, not of the dovecot itself mdeslaur> although code is present in dapper's dovecot, we don't compile mdeslaur> the sieve plugin Bugs: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=546656 (dovecot) http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=547712 (kolab-cyrus-imapd) Priority: medium Discovered-by: Assigned-to: CVSS: Patches_cyrus-imapd-2.2: upstream: https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sieve/script.c.diff?r1=1.67&r2=1.68 debdiff: https://bugs.launchpad.net/ubuntu/+source/cyrus-imapd-2.2/+bug/438363 upstream_cyrus-imapd-2.2: released (2.2.13-15) dapper_cyrus-imapd-2.2: ignored (reached end-of-life) hardy_cyrus-imapd-2.2: ignored (reached end-of-life) intrepid_cyrus-imapd-2.2: needed (reached end-of-life) jaunty_cyrus-imapd-2.2: released (2.2.13-14ubuntu3.1) karmic_cyrus-imapd-2.2: not-affected (2.2.13-16ubuntu1) lucid_cyrus-imapd-2.2: not-affected (2.2.13-16ubuntu1) maverick_cyrus-imapd-2.2: not-affected (2.2.13-16ubuntu1) natty_cyrus-imapd-2.2: not-affected (2.2.13-16ubuntu1) oneiric_cyrus-imapd-2.2: not-affected (2.2.13-16ubuntu1) devel_cyrus-imapd-2.2: not-affected (2.2.13-16ubuntu1) Patches_kolab-cyrus-imapd: upstream_kolab-cyrus-imapd: needs-triage dapper_kolab-cyrus-imapd: ignored (reached end-of-life) hardy_kolab-cyrus-imapd: ignored (reached end-of-life) intrepid_kolab-cyrus-imapd: needed (reached end-of-life) jaunty_kolab-cyrus-imapd: ignored (reached end-of-life) karmic_kolab-cyrus-imapd: ignored (reached end-of-life) lucid_kolab-cyrus-imapd: not-affected (2.2.13-9) maverick_kolab-cyrus-imapd: not-affected (2.2.13-9) natty_kolab-cyrus-imapd: not-affected (2.2.13-9) oneiric_kolab-cyrus-imapd: not-affected (2.2.13-9) devel_kolab-cyrus-imapd: not-affected (2.2.13-9) Patches_dovecot: upstream: http://hg.dovecot.org/dovecot-sieve-1.1/rev/049f22520628 upstream: http://hg.dovecot.org/dovecot-sieve-1.1/rev/4577c4e1130d upstream_dovecot: released (1.1.7) dapper_dovecot: not-affected (code not compiled) hardy_dovecot: released (1:1.0.10-1ubuntu5.2) intrepid_dovecot: released (1:1.1.4-0ubuntu1.3) jaunty_dovecot: released (1:1.1.11-0ubuntu4.1) karmic_dovecot: released (1:1.1.11-0ubuntu9) lucid_dovecot: released (1:1.1.11-0ubuntu9) maverick_dovecot: released (1:1.1.11-0ubuntu9) natty_dovecot: released (1:1.1.11-0ubuntu9) oneiric_dovecot: released (1:1.1.11-0ubuntu9) devel_dovecot: released (1:1.1.11-0ubuntu9)