PublicDateAtUSN: 2009-09-17 Candidate: CVE-2009-3235 PublicDate: 2009-09-17 10:30:00 UTC References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3235 https://ubuntu.com/security/notices/USN-838-1 Description: Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632. Ubuntu-Description: Notes: mdeslaur> version specified is of dovecot-sieve, not of the dovecot itself mdeslaur> although code is present in dapper's dovecot, we don't compile mdeslaur> the sieve plugin Bugs: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=547947 (cyrus-imapd) Priority: medium Discovered-by: Assigned-to: CVSS: Patches_cyrus-imapd-2.2: upstream: https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sieve/sieve.y.diff?r1=1.40;r2=1.41;f=h upstream: https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sieve/bc_eval.c.diff?r1=1.14;r2=1.15;f=h upstream: https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sieve/script.c.diff?r1=1.68;r2=1.69;f=h debdiff: https://bugs.launchpad.net/ubuntu/+source/cyrus-imapd-2.2/+bug/438363 upstream_cyrus-imapd-2.2: released (2.2.13-17) dapper_cyrus-imapd-2.2: ignored (reached end-of-life) hardy_cyrus-imapd-2.2: ignored (reached end-of-life) intrepid_cyrus-imapd-2.2: ignored (reached end-of-life) jaunty_cyrus-imapd-2.2: released (2.2.13-14ubuntu3.1) karmic_cyrus-imapd-2.2: ignored (reached end-of-life) lucid_cyrus-imapd-2.2: not-affected (2.2.13-19) maverick_cyrus-imapd-2.2: not-affected (2.2.13-19) natty_cyrus-imapd-2.2: not-affected (2.2.13-19) oneiric_cyrus-imapd-2.2: not-affected (2.2.13-19) devel_cyrus-imapd-2.2: not-affected (2.2.13-19) Patches_kolab-cyrus-imapd: upstream_kolab-cyrus-imapd: needs-triage dapper_kolab-cyrus-imapd: ignored (reached end-of-life) hardy_kolab-cyrus-imapd: ignored (reached end-of-life) intrepid_kolab-cyrus-imapd: ignored (reached end-of-life) jaunty_kolab-cyrus-imapd: ignored (reached end-of-life) karmic_kolab-cyrus-imapd: ignored (reached end-of-life) lucid_kolab-cyrus-imapd: not-affected (2.2.13-9) maverick_kolab-cyrus-imapd: not-affected (2.2.13-9) natty_kolab-cyrus-imapd: not-affected (2.2.13-9) oneiric_kolab-cyrus-imapd: not-affected (2.2.13-9) devel_kolab-cyrus-imapd: not-affected (2.2.13-9) Patches_dovecot: upstream: http://hg.dovecot.org/dovecot-sieve-1.1/rev/049f22520628 upstream: http://hg.dovecot.org/dovecot-sieve-1.1/rev/4577c4e1130d upstream_dovecot: needs-triage dapper_dovecot: not-affected (code not compiled) hardy_dovecot: released (1:1.0.10-1ubuntu5.2) intrepid_dovecot: released (1:1.1.4-0ubuntu1.3) jaunty_dovecot: released (1:1.1.11-0ubuntu4.1) karmic_dovecot: released (1:1.1.11-0ubuntu9) lucid_dovecot: released (1:1.1.11-0ubuntu9) maverick_dovecot: released (1:1.1.11-0ubuntu9) natty_dovecot: released (1:1.1.11-0ubuntu9) oneiric_dovecot: released (1:1.1.11-0ubuntu9) devel_dovecot: released (1:1.1.11-0ubuntu9)