Vulnerability CVE-2017-15132


Published: 2018-01-25

Description:
A flaw was found in dovecot 2.0 up to 2.2.33 and 2.3.0. An abort of SASL authentication results in a memory leak in dovecot's auth client used by login processes. The leak has an impact in high-performance configurations where the same login processes are reused, and can cause the process to crash due to memory exhaustion.

Type: CWE-399 (Resource Management Errors)

Vendor: Debian
Product: Debian linux 
Version:
9.0
8.0
7.0
Vendor: Dovecot
Product: Dovecot 
Version:
2.3.0
2.2.9
2.2.8
2.2.7
2.2.6
2.2.5
2.2.4
2.2.33
2.2.32
2.2.31
2.2.30.2
2.2.30.1
2.2.30
2.2.3
2.2.29.1
2.2.29
2.2.28
2.2.27
2.2.26.0
2.2.26
2.2.25.4.2
2.2.25.4
2.2.25.3
2.2.25.2
2.2.25.1
2.2.25
2.2.24.2
2.2.24.1
2.2.24
2.2.23.1
2.2.23
2.2.22
2.2.21.2.2
2.2.21.2
2.2.21.1
2.2.21
2.2.20
2.2.2
2.2.19
2.2.18
2.2.17
2.2.16
2.2.15
2.2.14
2.2.13
2.2.10
2.2.1
2.2.0
2.2
2.1.8
2.1.7
2.1.6
2.1.5
2.1.4
2.1.3
2.1.2
2.1.17
2.1.16
2.1.15
2.1.14
2.1.13
2.1.12
2.1.11
2.1.10
2.1.1
2.1.0
2.1
2.0.9
2.0.8
2.0.7
2.0.6
2.0.5
2.0.4
2.0.3
2.0.2
2.0.15
2.0.14
2.0.13
2.0.12
2.0.11
2.0.10
2.0.1
2.0.0
Vendor: Canonical
Product: Ubuntu linux 
Version:
17.10
16.04
14.04
12.04

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score: 5/10
Impact Subscore: 2.9/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: Not required
Confidentiality impact: None
Integrity impact: None
Availability impact: Partial

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1532768
https://github.com/dovecot/core/commit/1a29ed2f96da1be22fa5a4d96c7583aa81b8b060.patch
https://lists.debian.org/debian-lts-announce/2018/03/msg00036.html
https://usn.ubuntu.com/3556-1/
https://usn.ubuntu.com/3556-2/
https://www.debian.org/security/2018/dsa-4130
https://www.dovecot.org/list/dovecot-news/2018-February/000370.html


Copyright 2019, cxsecurity.com

 
