SMTP: Dovecot rfc822_parse_domain Out of Bounds Read
his signature detects attempts to exploit a known vulnerability in Dovecot IMAP server. Successful exploitation may result in information disclosure or denial of service conditions.
Extended Description
A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive information disclosure and denial of service. In order to trigger this vulnerability, an attacker needs to send a specially crafted email message to the server.
Affected Products
Ubuntu ubuntu
Short Name
SMTP:DOVECOT-DOMAIN-OOB
Severity
Major
Recommended
True
Recommended Action
None
Category
SMTP
Keywords
Bounds CVE-2017-14461 Dovecot Out Read bid:103201 of rfc822_parse_domain
Release Date
04/03/2018
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3590
False Positive
Unknown
Vendors
Dovecot
Debian
Ubuntu
CVSS Score
5.5