CVE-2010-0745
Published: 20 May 2010
Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers to cause a denial of service (CPU consumption) via long headers in an e-mail message.
Notes
Author | Note |
---|---|
mdeslaur | only affected 1.2.x lucid is fixed with fix-dovecot-dos.dpatch |
Priority
Status
Package | Release | Status |
---|---|---|
dovecot Launchpad, Ubuntu, Debian |
upstream |
Released
(1.2.11)
|
dapper |
Not vulnerable
(1.0.beta3-3ubuntu5.6)
|
|
hardy |
Not vulnerable
(1:1.0.10-1ubuntu5.2)
|
|
jaunty |
Not vulnerable
(1:1.1.11-0ubuntu4.1)
|
|
karmic |
Not vulnerable
(1:1.1.11-0ubuntu11)
|
|
lucid |
Not vulnerable
(1:1.2.9-1ubuntu6)
|
|
Patches: upstream: http://hg.dovecot.org/dovecot-2.0/rev/de2798fbbae6 (head) upstream: http://hg.dovecot.org/dovecot-1.2/rev/6c9f2ed821df (1.2.x) |