CVE-2006-5973
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
20/11/2006
Last modified:
09/04/2025
Description
Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:timo_sirainen:dovecot:1.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:timo_sirainen:dovecot:1.0.alpha1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:timo_sirainen:dovecot:1.0.alpha2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:timo_sirainen:dovecot:1.0.alpha3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:timo_sirainen:dovecot:1.0.alpha4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:timo_sirainen:dovecot:1.0.alpha5:*:*:*:*:*:*:* | ||
| cpe:2.3:a:timo_sirainen:dovecot:1.0.beta1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:timo_sirainen:dovecot:1.0.beta2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:timo_sirainen:dovecot:1.0.beta3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:timo_sirainen:dovecot:1.0.beta4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:timo_sirainen:dovecot:1.0.beta5:*:*:*:*:*:*:* | ||
| cpe:2.3:a:timo_sirainen:dovecot:1.0.beta6:*:*:*:*:*:*:* | ||
| cpe:2.3:a:timo_sirainen:dovecot:1.0.beta7:*:*:*:*:*:*:* | ||
| cpe:2.3:a:timo_sirainen:dovecot:1.0.beta8:*:*:*:*:*:*:* | ||
| cpe:2.3:a:timo_sirainen:dovecot:1.0.beta9:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://dovecot.org/list/dovecot-news/2006-November/000023.html
- http://dovecot.org/pipermail/dovecot-news/2006-November/000024.html
- http://secunia.com/advisories/23007
- http://secunia.com/advisories/23150
- http://secunia.com/advisories/23172
- http://secunia.com/advisories/23213
- http://securitytracker.com/id?1017288=
- http://www.novell.com/linux/security/advisories/2006_73_mono.html
- http://www.securityfocus.com/archive/1/452081/100/0/threaded
- http://www.securityfocus.com/bid/21183/info
- http://www.ubuntu.com/usn/usn-387-1
- http://www.vupen.com/english/advisories/2006/4614
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30433
- https://issues.rpath.com/browse/RPL-802
- http://dovecot.org/list/dovecot-news/2006-November/000023.html
- http://dovecot.org/pipermail/dovecot-news/2006-November/000024.html
- http://secunia.com/advisories/23007
- http://secunia.com/advisories/23150
- http://secunia.com/advisories/23172
- http://secunia.com/advisories/23213
- http://securitytracker.com/id?1017288=
- http://www.novell.com/linux/security/advisories/2006_73_mono.html
- http://www.securityfocus.com/archive/1/452081/100/0/threaded
- http://www.securityfocus.com/bid/21183/info
- http://www.ubuntu.com/usn/usn-387-1
- http://www.vupen.com/english/advisories/2006/4614
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30433
- https://issues.rpath.com/browse/RPL-802