Candidate: CVE-2010-0745
PublicDate: 2010-05-20 17:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0745
 http://dovecot.org/list/dovecot-news/2010-March/000152.html
Description:
 Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote
 attackers to cause a denial of service (CPU consumption) via long headers
 in an e-mail message.
Ubuntu-Description:
Notes:
 mdeslaur> only affected 1.2.x
 mdeslaur> lucid is fixed with fix-dovecot-dos.dpatch
Bugs:
 https://bugs.launchpad.net/ubuntu/+source/dovecot/+bug/536695
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_dovecot:
 upstream: http://hg.dovecot.org/dovecot-2.0/rev/de2798fbbae6 (head)
 upstream: http://hg.dovecot.org/dovecot-1.2/rev/6c9f2ed821df (1.2.x)
upstream_dovecot: released (1.2.11)
dapper_dovecot: not-affected (1.0.beta3-3ubuntu5.6)
hardy_dovecot: not-affected (1:1.0.10-1ubuntu5.2)
jaunty_dovecot: not-affected (1:1.1.11-0ubuntu4.1)
karmic_dovecot: not-affected (1:1.1.11-0ubuntu11)
lucid_dovecot: not-affected (1:1.2.9-1ubuntu6)
devel_dovecot: not-affected (1:1.2.11-1ubuntu1)