CVE-2006-0730 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Dovecot

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer5 documents5 sources

Severity

5.0MEDIUMNVD

EPSS

0.9%

top 24.13%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dovecot Debian Dovecot Timo Sirainen Dovecot

Timeline

PublishedFeb 16

Latest updateMay 1

Description

Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

▶debiandebian/dovecot< dovecot 1.0.beta3-1 (bookworm)

▶Debiandovecot/dovecot< 1.0.beta3-1+3

▶NVDtimo_sirainen/dovecot1.0beta2

🔴Vulnerability Details

GHSA

GHSA-q2g9-6wv8-pjrc: Multiple unspecified vulnerabilities in Dovecot before 1↗2022-05-01

▶

OSV

CVE-2006-0730: Multiple unspecified vulnerabilities in Dovecot before 1↗2006-02-16

▶

📋Vendor Advisories

Debian

CVE-2006-0730: dovecot - Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote att...↗2006

▶

Red Hat

CVE-2006-0730: Multiple unspecified vulnerabilities in Dovecot before 1↗

▶