CVE-2011-1929
Publication date 24 May 2011
Last updated 24 July 2024
Ubuntu priority
lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle ‘\0’ characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.
Status
Package | Ubuntu Release | Status |
---|---|---|
dovecot | 11.04 natty |
Fixed 1:1.2.15-3ubuntu2.1
|
10.10 maverick |
Fixed 1:1.2.12-1ubuntu8.2
|
|
10.04 LTS lucid |
Fixed 1:1.2.9-1ubuntu6.4
|
|
8.04 LTS hardy |
Not affected
|
|
6.06 LTS dapper | Ignored end of life |
Notes
References
Related Ubuntu Security Notices (USN)
- USN-1143-1
- Dovecot vulnerability
- 2 June 2011