CVE-2009-2632
Published: 8 September 2009
Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
Notes
Author | Note |
---|---|
mdeslaur | version specified is of dovecot-sieve, not of the dovecot itself although code is present in dapper's dovecot, we don't compile the sieve plugin |
Priority
Status
Package | Release | Status |
---|---|---|
cyrus-imapd-2.2 Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
hardy |
Ignored
(end of life)
|
|
intrepid |
Ignored
(end of life, was needed)
|
|
jaunty |
Released
(2.2.13-14ubuntu3.1)
|
|
karmic |
Not vulnerable
(2.2.13-16ubuntu1)
|
|
lucid |
Not vulnerable
(2.2.13-16ubuntu1)
|
|
maverick |
Not vulnerable
(2.2.13-16ubuntu1)
|
|
natty |
Not vulnerable
(2.2.13-16ubuntu1)
|
|
oneiric |
Not vulnerable
(2.2.13-16ubuntu1)
|
|
upstream |
Released
(2.2.13-15)
|
|
Patches: upstream: https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sieve/script.c.diff?r1=1.67&r2=1.68 debdiff: https://bugs.launchpad.net/ubuntu/+source/cyrus-imapd-2.2/+bug/438363 |
||
dovecot Launchpad, Ubuntu, Debian |
dapper |
Not vulnerable
(code not compiled)
|
hardy |
Released
(1:1.0.10-1ubuntu5.2)
|
|
intrepid |
Released
(1:1.1.4-0ubuntu1.3)
|
|
jaunty |
Released
(1:1.1.11-0ubuntu4.1)
|
|
karmic |
Released
(1:1.1.11-0ubuntu9)
|
|
lucid |
Released
(1:1.1.11-0ubuntu9)
|
|
maverick |
Released
(1:1.1.11-0ubuntu9)
|
|
natty |
Released
(1:1.1.11-0ubuntu9)
|
|
oneiric |
Released
(1:1.1.11-0ubuntu9)
|
|
upstream |
Released
(1.1.7)
|
|
Patches: upstream: http://hg.dovecot.org/dovecot-sieve-1.1/rev/049f22520628 upstream: http://hg.dovecot.org/dovecot-sieve-1.1/rev/4577c4e1130d |
||
kolab-cyrus-imapd Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
hardy |
Ignored
(end of life)
|
|
intrepid |
Ignored
(end of life, was needed)
|
|
jaunty |
Ignored
(end of life)
|
|
karmic |
Ignored
(end of life)
|
|
lucid |
Not vulnerable
(2.2.13-9)
|
|
maverick |
Not vulnerable
(2.2.13-9)
|
|
natty |
Not vulnerable
(2.2.13-9)
|
|
oneiric |
Not vulnerable
(2.2.13-9)
|
|
upstream |
Needs triage
|