ID CVE-2006-5973
Summary Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file.
References
Vulnerable Configurations
  • cpe:2.3:a:timo_sirainen:dovecot:1.0
    cpe:2.3:a:timo_sirainen:dovecot:1.0
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.alpha1
    cpe:2.3:a:timo_sirainen:dovecot:1.0.alpha1
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.alpha2
    cpe:2.3:a:timo_sirainen:dovecot:1.0.alpha2
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.alpha3
    cpe:2.3:a:timo_sirainen:dovecot:1.0.alpha3
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.alpha4
    cpe:2.3:a:timo_sirainen:dovecot:1.0.alpha4
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.alpha5
    cpe:2.3:a:timo_sirainen:dovecot:1.0.alpha5
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.beta1
    cpe:2.3:a:timo_sirainen:dovecot:1.0.beta1
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.beta2
    cpe:2.3:a:timo_sirainen:dovecot:1.0.beta2
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.beta3
    cpe:2.3:a:timo_sirainen:dovecot:1.0.beta3
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.beta4
    cpe:2.3:a:timo_sirainen:dovecot:1.0.beta4
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.beta5
    cpe:2.3:a:timo_sirainen:dovecot:1.0.beta5
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.beta6
    cpe:2.3:a:timo_sirainen:dovecot:1.0.beta6
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.beta7
    cpe:2.3:a:timo_sirainen:dovecot:1.0.beta7
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.beta8
    cpe:2.3:a:timo_sirainen:dovecot:1.0.beta8
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.beta9
    cpe:2.3:a:timo_sirainen:dovecot:1.0.beta9
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.rc1
    cpe:2.3:a:timo_sirainen:dovecot:1.0.rc1
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.rc2
    cpe:2.3:a:timo_sirainen:dovecot:1.0.rc2
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.rc3
    cpe:2.3:a:timo_sirainen:dovecot:1.0.rc3
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.rc4
    cpe:2.3:a:timo_sirainen:dovecot:1.0.rc4
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.rc5
    cpe:2.3:a:timo_sirainen:dovecot:1.0.rc5
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.rc6
    cpe:2.3:a:timo_sirainen:dovecot:1.0.rc6
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.rc7
    cpe:2.3:a:timo_sirainen:dovecot:1.0.rc7
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.rc8
    cpe:2.3:a:timo_sirainen:dovecot:1.0.rc8
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.rc9
    cpe:2.3:a:timo_sirainen:dovecot:1.0.rc9
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.rc10
    cpe:2.3:a:timo_sirainen:dovecot:1.0.rc10
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.rc11
    cpe:2.3:a:timo_sirainen:dovecot:1.0.rc11
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.rc12
    cpe:2.3:a:timo_sirainen:dovecot:1.0.rc12
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.rc13
    cpe:2.3:a:timo_sirainen:dovecot:1.0.rc13
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.rc14
    cpe:2.3:a:timo_sirainen:dovecot:1.0.rc14
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.test53
    cpe:2.3:a:timo_sirainen:dovecot:1.0.test53
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.test54
    cpe:2.3:a:timo_sirainen:dovecot:1.0.test54
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.test55
    cpe:2.3:a:timo_sirainen:dovecot:1.0.test55
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.test56
    cpe:2.3:a:timo_sirainen:dovecot:1.0.test56
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.test57
    cpe:2.3:a:timo_sirainen:dovecot:1.0.test57
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.test58
    cpe:2.3:a:timo_sirainen:dovecot:1.0.test58
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.test59
    cpe:2.3:a:timo_sirainen:dovecot:1.0.test59
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.test60
    cpe:2.3:a:timo_sirainen:dovecot:1.0.test60
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.test61
    cpe:2.3:a:timo_sirainen:dovecot:1.0.test61
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.test62
    cpe:2.3:a:timo_sirainen:dovecot:1.0.test62
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.test63
    cpe:2.3:a:timo_sirainen:dovecot:1.0.test63
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.test64
    cpe:2.3:a:timo_sirainen:dovecot:1.0.test64
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.test65
    cpe:2.3:a:timo_sirainen:dovecot:1.0.test65
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.test66
    cpe:2.3:a:timo_sirainen:dovecot:1.0.test66
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.test67
    cpe:2.3:a:timo_sirainen:dovecot:1.0.test67
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.test68
    cpe:2.3:a:timo_sirainen:dovecot:1.0.test68
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.test69
    cpe:2.3:a:timo_sirainen:dovecot:1.0.test69
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.test70
    cpe:2.3:a:timo_sirainen:dovecot:1.0.test70
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.test71
    cpe:2.3:a:timo_sirainen:dovecot:1.0.test71
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.test72
    cpe:2.3:a:timo_sirainen:dovecot:1.0.test72
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.test73
    cpe:2.3:a:timo_sirainen:dovecot:1.0.test73
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.test74
    cpe:2.3:a:timo_sirainen:dovecot:1.0.test74
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.test75
    cpe:2.3:a:timo_sirainen:dovecot:1.0.test75
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.test76
    cpe:2.3:a:timo_sirainen:dovecot:1.0.test76
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.test77
    cpe:2.3:a:timo_sirainen:dovecot:1.0.test77
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.test78
    cpe:2.3:a:timo_sirainen:dovecot:1.0.test78
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.test79
    cpe:2.3:a:timo_sirainen:dovecot:1.0.test79
  • cpe:2.3:a:timo_sirainen:dovecot:1.0.test80
    cpe:2.3:a:timo_sirainen:dovecot:1.0.test80
CVSS
Base: 5.0 (as of 21-11-2006 - 13:38)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id SUSE_DOVECOT-2306.NASL
    description Off-by-one buffer overflow in Dovecot 1.0 versions, when index files are used and mmap_disable is set to 'yes,' allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file. (CVE-2006-5973)
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27201
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27201
    title openSUSE 10 Security Update : dovecot (dovecot-2306)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-387-1.NASL
    description Dovecot was discovered to have an error when handling its index cache files. This error could be exploited by authenticated POP and IMAP users to cause a crash of the Dovecot server, or possibly to execute arbitrary code. Only servers using the non-default option 'mmap_disable=yes' were vulnerable. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-13
    plugin id 27970
    published 2007-11-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27970
    title Ubuntu 6.06 LTS / 6.10 : dovecot vulnerability (USN-387-1)
refmap via4
bid 21183
bugtraq 20061119 Dovecot IMAP/POP3 server: Off-by-one buffer overflow
confirm https://issues.rpath.com/browse/RPL-802
mlist
  • [Dovecot-news] 20061119 Security hole #2: Off-by-one buffer overflow with mmap_disable=yes
  • [Dovecot-news] 20091119 1.0.rc15 released
sectrack 1017288
secunia
  • 23007
  • 23150
  • 23172
  • 23213
suse SUSE-SA:2006:073
ubuntu USN-387-1
vupen ADV-2006-4614
xf dovecot-indexcache-bo(30433)
Last major update 07-03-2011 - 21:44
Published 20-11-2006 - 14:07
Last modified 17-10-2018 - 17:46
Back to Top