Debian Security Advisory DSA 2252-1 (dovecot) Network Vulnerability

Summary

The remote host is missing an update to dovecot announced via advisory DSA 2252-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202252-1

Insight

It was discovered that the message header parser in the Dovecot mail server parsed NUL characters incorrectly, which could lead to denial of service through malformed mail headers. The oldstable distribution (lenny) is not affected. For the stable distribution (squeeze), this problem has been fixed in version 1.2.15-7. For the unstable distribution (sid), this problem has been fixed in version 2.0.13-1. We recommend that you upgrade your dovecot packages.

Severity

Classification

CVE CVE-2011-1929

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Debian Security Advisory DSA 052-1 (sendfile)
Debian Security Advisory DSA 1010-1 (ilohamail)
Debian Security Advisory DSA 1077-1 (lynx-ssl)
Debian Security Advisory DSA 1152-1 (trac)
Debian Security Advisory DSA 114-1 (gnujsp)

Take action and discover your vulnerabilities