thr3ads.net - Secure testing team - [Secure-testing-team] Bug#547947: CVE-2009-3235: CMU sieve buffer overflows [Sep 2009]

If this information is useful, please help other people find it:
Share via:

Giuseppe Iuculano

2009-Sep-22 18:03 UTC

[Secure-testing-team] Bug#547947: CVE-2009-3235: CMU sieve buffer overflows

Package: cyrus-imapd-2.2
Severity: grave
Tags: security patch

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for cyrus-imapd-2.2.

CVE-2009-3235[0]:
| Multiple stack-based buffer overflows in the Sieve plugin in Dovecot
| 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve,
| allow context-dependent attackers to cause a denial of service (crash)
| and possibly execute arbitrary code via a crafted SIEVE script, as
| demonstrated by forwarding an e-mail message to a large number of
| recipients, a different vulnerability than CVE-2009-2632.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3235
    http://security-tracker.debian.net/tracker/CVE-2009-3235
    Patch:
https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sieve/sieve.y.diff?r1=1.40;r2=1.41;f=h
          
https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sieve/bc_eval.c.diff?r1=1.14;r2=1.15;f=h
	  
https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sieve/script.c.diff?r1=1.68;r2=1.69;f=h


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkq5EW4ACgkQNxpp46476arebACgh+bpQP8IA3eIpE7he2+zF1jS
wN8An1RVJ0YibCNe7VtIcG3sbje1xsEI
=nZP+
-----END PGP SIGNATURE-----

Secure testing team - Sep 2009 - Bug#547947: CVE-2009-3235: CMU sieve buffer overflows

[Secure-testing-team] Bug#547947: CVE-2009-3235: CMU sieve buffer overflows