CVE-2017-14461
published 2018-03-02CVE-2017-14461: A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive information…
PriorityP343high7.1CVSS 3.0
AVNACLPRLUINSUCLINAH
EPSS
17.57%
96.8th percentile
A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive information disclosure and denial of service. In order to trigger this vulnerability, an attacker needs to send a specially crafted email message to the server.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | dovecot | < dovecot 1:2.2.34-1 (bookworm) | dovecot 1:2.2.34-1 (bookworm) |
| dovecot | dovecot | — | — |
| dovecot | dovecot | >= 0 < 1:2.2.34-1 | 1:2.2.34-1 |
| dovecot | dovecot | >= 0 < 1:2.2.34-1 | 1:2.2.34-1 |
| dovecot | dovecot | >= 0 < 1:2.2.34-1 | 1:2.2.34-1 |
| dovecot | dovecot | >= 0 < 1:2.2.34-1 | 1:2.2.34-1 |
| dovecot | dovecot | >= 0 < 1:2.2.9-1ubuntu2.4 | 1:2.2.9-1ubuntu2.4 |
| dovecot | dovecot | >= 0 < 1:2.2.22-1ubuntu2.7 | 1:2.2.22-1ubuntu2.7 |
| the_dovecot_project | dovecot | — | — |
| ubuntu | ubuntu | — | — |
| ubuntu | ubuntu | — | — |
| ubuntu | ubuntu | — | — |
CVSS provenance
nvdv3.07.1HIGHCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
nvdv2.05.5MEDIUMAV:N/AC:L/Au:S/C:P/I:N/A:P
osv7.1HIGH
vendor_debian5.9MEDIUM
vendor_redhat5.9MEDIUM
vendor_ubuntu5.9MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-r34f-p748-2x25: A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive infor
ghsa_unreviewed·2022-05-13
CVE-2017-14461 [HIGH] CWE-200 GHSA-r34f-p748-2x25: A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive infor
A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive information disclosure and denial of service. In order to trigger this vulnerability, an attacker needs to send a specially crafted email message to the server.
OSV
dovecot vulnerabilities
osv·2018-03-05·CVSS 7.1
CVE-2017-14461 [HIGH] dovecot vulnerabilities
dovecot vulnerabilities
It was discovered that Dovecot incorrectly handled parsing certain email
addresses. A remote attacker could use this issue to cause Dovecot to
crash, resulting in a denial of service, or possibly obtain sensitive
information. (CVE-2017-14461)
It was discovered that Dovecot incorrectly handled TLS SNI config lookups.
A remote attacker could possibly use this issue to cause Dovecot to crash,
resulting in a denial of service. (CVE-2017-15130)
OSV
CVE-2017-14461: A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive infor
osv·2018-03-02·CVSS 7.1
CVE-2017-14461 [HIGH] CVE-2017-14461: A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive infor
A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive information disclosure and denial of service. In order to trigger this vulnerability, an attacker needs to send a specially crafted email message to the server.
Ubuntu
Dovecot vulnerabilities
vendor_ubuntu·2018-04-02·CVSS 5.9
CVE-2017-14461 [MEDIUM] Dovecot vulnerabilities
Title: Dovecot vulnerabilities
Summary: Several security issues were fixed in Dovecot.
USN-3587-1 fixed a vulnerability in Dovecot. This update provides
the corresponding update for Ubuntu 12.04 ESM.
Original advisory details:
It was discovered that Dovecot incorrectly handled parsing certain email
addresses. A remote attacker could use this issue to cause Dovecot to
crash, resulting in a denial of service, or possibly obtain sensitive
information. (CVE-2017-14461)
It was discovered that Dovecot incorrectly handled TLS SNI config lookups.
A remote attacker could possibly use this issue to cause Dovecot to crash,
resulting in a denial of service. (CVE-2017-15130)
Instructions: In general, a standard system update will make all the necessary changes.
Ubuntu
Dovecot vulnerabilities
vendor_ubuntu·2018-03-05·CVSS 5.9
CVE-2017-14461 [MEDIUM] Dovecot vulnerabilities
Title: Dovecot vulnerabilities
Summary: Several security issues were fixed in Dovecot.
It was discovered that Dovecot incorrectly handled parsing certain email
addresses. A remote attacker could use this issue to cause Dovecot to
crash, resulting in a denial of service, or possibly obtain sensitive
information. (CVE-2017-14461)
It was discovered that Dovecot incorrectly handled TLS SNI config lookups.
A remote attacker could possibly use this issue to cause Dovecot to crash,
resulting in a denial of service. (CVE-2017-15130)
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
dovecot: Information Leak Vulnerability in rfc822_parse_domain leading to denial-of-service
vendor_redhat·2018-02-28·CVSS 5.9
CVE-2017-14461 [MEDIUM] CWE-200 dovecot: Information Leak Vulnerability in rfc822_parse_domain leading to denial-of-service
dovecot: Information Leak Vulnerability in rfc822_parse_domain leading to denial-of-service
A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive information disclosure and denial of service. In order to trigger this vulnerability, an attacker needs to send a specially crafted email message to the server.
Package: dovecot (Red Hat Enterprise Linux 5) - Not affected
Package: dovecot (Red Hat Enterprise Linux 6) - Affected
Package: dovecot (Red Hat Enterprise Linux 7) - Affected
Package: dovecot (Red Hat Enterprise Linux 8) - Not affected
Debian
CVE-2017-14461: dovecot - A specially crafted email delivered over SMTP and passed on to Dovecot by MTA ca...
vendor_debian·2017·CVSS 5.9
CVE-2017-14461 [MEDIUM] CVE-2017-14461: dovecot - A specially crafted email delivered over SMTP and passed on to Dovecot by MTA ca...
A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive information disclosure and denial of service. In order to trigger this vulnerability, an attacker needs to send a specially crafted email message to the server.
Scope: local
bookworm: resolved (fixed in 1:2.2.34-1)
bullseye: resolved (fixed in 1:2.2.34-1)
forky: resolved (fixed in 1:2.2.34-1)
sid: resolved (fixed in 1:2.2.34-1)
trixie: resolved (fixed in 1:2.2.34-1)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2017-14461 dovecot: Information Leak Vulnerability in rfc822_parse_domain leading to denial-of-service [fedora-all]
bugzilla·2018-03-01·CVSS 5.9
CVE-2017-14461 [MEDIUM] CVE-2017-14461 dovecot: Information Leak Vulnerability in rfc822_parse_domain leading to denial-of-service [fedora-all]
CVE-2017-14461 dovecot: Information Leak Vulnerability in rfc822_parse_domain leading to denial-of-service [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this
Bugzilla
CVE-2017-14461 dovecot: Information Leak Vulnerability in rfc822_parse_domain leading to denial-of-service
bugzilla·2018-02-27·CVSS 5.9
CVE-2017-14461 [MEDIUM] CVE-2017-14461 dovecot: Information Leak Vulnerability in rfc822_parse_domain leading to denial-of-service
CVE-2017-14461 dovecot: Information Leak Vulnerability in rfc822_parse_domain leading to denial-of-service
An information leak vulnerability in rfc822_parse_domain was found in dovecot, affecting versions 2.0 - 2.2.33 and 2.3.0.
A malicious party can send a specially crafted email to a vulnerable system, causing it to crash dovecot. In some systems, the mail can be stored into the mail system, causing crash every time it is being opened. If the mail is stored into the mail system, it can be used to also leak heap memory from IMAP process by requesting bodystructure of the mail.
Discussion:
Created attachment 1401224
Upstream patch #1
---
Created attachment 1401225
Upstream patch #2
---
Created attachment 1401226
Upstream patch #3
---
Created attachment 1401227
Upstream patch #4
Talos
Vulnerability Spotlight: Dovecot out-of-bounds Read Vulnerability
blogs_talos·2018-03-01·CVSS 5.9
[MEDIUM] Vulnerability Spotlight: Dovecot out-of-bounds Read Vulnerability
## Overview
Today, Cisco Talos is disclosing a single out-of-bounds read vulnerability in the Dovecot IMAP server. Dovecot is a popular internet message access protocol, or IMAP, server with performance and security-oriented design. It is a popular choice for robust email servers. In accordance with our coordinated disclosure policy, Talos has worked with Dovecot to ensure that this issue has been resolved. Dovecot has released version 2.2.34 to address this issue. Talos recommends installing this update as quickly as possible on affected systems.
## Details
Discovered by Aleksander Nikolic
TALOS-2017-0510 / CVE-2017-14461 is an out-of-bounds read vulnerability in the RFC822 parser implemented in Dovecot IMAP Server 2.2.33.2. RFC822 deals specifically with the standard for ARPA interne
Talos
Vulnerability Spotlight: Dovecot out-of-bounds Read Vulnerability
blogs_talos·2018-03-01·CVSS 5.9
[MEDIUM] Vulnerability Spotlight: Dovecot out-of-bounds Read Vulnerability
## Vulnerability Spotlight: Dovecot out-of-bounds Read Vulnerability
## Overview
Today, Cisco Talos is disclosing a single out-of-bounds read vulnerability in the Dovecot IMAP server. Dovecot is a popular internet message access protocol, or IMAP, server with performance and security-oriented design. It is a popular choice for robust email servers. In accordance with our coordinated disclosure policy, Talos has worked with Dovecot to ensure that this issue has been resolved. Dovecot has released version 2.2.34 to address this issue. Talos recommends installing this update as quickly as possible on affected systems.
## Details
Discovered by Aleksander Nikolic
TALOS-2017-0510 / CVE-2017-14461 is an out-of-bounds read vulnerability in the RFC822 parser implemented in Dovecot IMAP Server
http://www.securityfocus.com/bid/103201https://lists.debian.org/debian-lts-announce/2018/03/msg00036.htmlhttps://talosintelligence.com/vulnerability_reports/TALOS-2017-0510https://usn.ubuntu.com/3587-1/https://usn.ubuntu.com/3587-2/https://www.debian.org/security/2018/dsa-4130https://www.dovecot.org/list/dovecot-news/2018-February/000370.htmlhttp://www.securityfocus.com/bid/103201https://lists.debian.org/debian-lts-announce/2018/03/msg00036.htmlhttps://talosintelligence.com/vulnerability_reports/TALOS-2017-0510https://usn.ubuntu.com/3587-1/https://usn.ubuntu.com/3587-2/https://www.debian.org/security/2018/dsa-4130https://www.dovecot.org/list/dovecot-news/2018-February/000370.html
2018-03-02
Published