CVE-2008-4907
CVE-2008-4907
The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the FETCH ENVELOPE command in the IMAP client, allows remote attackers to cause a denial of service (persistent crash) via an email with a malformed From address, which triggers an assertion error, aka "invalid message address parsing bug."
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/32551unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://secunia.com/advisories/32479http://secunia.com/advisories/32677http://secunia.com/advisories/33149http://security.gentoo.org/glsa/glsa-200812-16.xmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/46227http://www.dovecot.org/list/dovecot-news/2008-October/000089.htmlhttp://www.securityfocus.com/bid/31997http://www.ubuntu.com/usn/usn-666-1