FreeBSD Bugzilla – Attachment 225983 Details for
Bug 256763
security/vuxml: Document multiple vulnerabilities in Dovecot
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch file
security_vuxml.dovecot.patch (text/plain), 3.02 KB, created by
Yasuhiro Kimura
on 2021-06-21 22:23:09 UTC
(
hide
)
Description:
Patch file
Filename:
MIME Type:
Creator:
Yasuhiro Kimura
Created:
2021-06-21 22:23:09 UTC
Size:
3.02 KB
patch
obsolete
>From 940f8bba7a69ad59dc334e62338dc3e52184d44a Mon Sep 17 00:00:00 2001 >From: Yasuhiro Kimura <yasu@utahime.org> >Date: Tue, 22 Jun 2021 07:17:11 +0900 >Subject: [PATCH] security/vuxml: Document multiple vulnerabilities in Dovecot > >Document multiple vulnerabilities in Dovecot. >--- > security/vuxml/vuln.xml | 55 +++++++++++++++++++++++++++++++++++++++++ > 1 file changed, 55 insertions(+) > >diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml >index 106f0b2d1434..245145d1e1cf 100644 >--- a/security/vuxml/vuln.xml >+++ b/security/vuxml/vuln.xml >@@ -76,6 +76,61 @@ Notes: > * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) > --> > <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> >+ <vuln vid="46a1b78f-d2dc-11eb-baa9-080027f515ea"> >+ <topic>Dovecot -- multiple vulnerabilities</topic> >+ <affects> >+ <package> >+ <name>dovecot</name> >+ <range><lt>2.3.15</lt></range> >+ </package> >+ </affects> >+ <description> >+ <body xmlns="http://www.w3.org/1999/xhtml"> >+ <p>Timo Sirainen reports:</p> >+ <blockquote cite="https://dovecot.org/pipermail/dovecot-news/2021-June/000460.html"> >+ <p> >+ Sieve interpreter is not protected against abusive scripts that >+ claim excessive resource usage. Especially scripts using massive >+ amounts of regexps. Attacker can DoS the mail delivery system by >+ using excessive amount of CPU and/or reaching the lmtp/lda >+ process limits. >+ </p> >+ </blockquote> >+ <blockquote cite="https://dovecot.org/pipermail/dovecot-news/2021-June/000461.html"> >+ <p> >+ Dovecot does not correctly escape kid and azp fields in JWT tokens. >+ This may be used to supply attacker controlled keys to validate >+ tokens in some configurations. This requires attacker to be able >+ to write files to local disk. Local attacker can login as any user >+ and access their emails. >+ </p> >+ </blockquote> >+ <blockquote cite="https://dovecot.org/pipermail/dovecot-news/2021-June/000462.html"> >+ <p> >+ On-path attacker could inject plaintext commands before STARTTLS >+ negotiation that would be executed after STARTTLS finished with >+ the client. Only the SMTP submission service is affected. >+ Attacker can potentially steal user credentials and mails. The >+ attacker needs to have sending permissions on the submission >+ server (a valid username and password). >+ </p> >+ </blockquote> >+ </body> >+ </description> >+ <references> >+ <cvename>CVE-2020-28200</cvename> >+ <cvename>CVE-2021-29157</cvename> >+ <cvename>CVE-2021-33515</cvename> >+ <url>https://dovecot.org/pipermail/dovecot-news/2021-June/000460.html</url> >+ <url>https://dovecot.org/pipermail/dovecot-news/2021-June/000461.html</url> >+ <url>https://dovecot.org/pipermail/dovecot-news/2021-June/000462.html</url> >+ </references> >+ <dates> >+ <discovery>2021-06-21</discovery> >+ <entry>2021-06-21</entry> >+ </dates> >+ </vuln> >+ > <vuln vid="0e561c06-d13a-11eb-92be-0800273f11ea"> > <topic>gitea -- multiple vulnerabilities</topic> > <affects> >-- >2.32.0 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 256763
: 225983