Vulnerability CVE-2017-15132


Published: 2018-01-25

Description:
A flaw was found in dovecot 2.0 up to 2.2.33 and 2.3.0. An abort of SASL authentication results in a memory leak in dovecot's auth client used by login processes. The leak has impact in high performance configuration where same login processes are reused and can cause the process to crash due to memory exhaustion.

Type:

CWE-399

(Resource Management Errors)

Vendor: Debian
Product: Debian linux 
Version:
9.0
8.0
7.0
Vendor: Dovecot
Product: Dovecot 
Version:
2.3.0
2.2.9
2.2.8
2.2.7
2.2.6
2.2.5
2.2.4
2.2.33
2.2.32
2.2.31
2.2.30.2
2.2.30.1
2.2.30
2.2.3
2.2.29.1
2.2.29
2.2.28
2.2.27
2.2.26.0
2.2.26
2.2.25.4.2
2.2.25.4
2.2.25.3
2.2.25.2
2.2.25.1
2.2.25
2.2.24.2
2.2.24.1
2.2.24
2.2.23.1
2.2.23
2.2.22
2.2.21.2.2
2.2.21.2
2.2.21.1
2.2.21
2.2.20
2.2.2
2.2.19
2.2.18
2.2.17
2.2.16
2.2.15
2.2.14
2.2.13
2.2.10
2.2.1
2.2.0
2.2
2.1.8
2.1.7
2.1.6
2.1.5
2.1.4
2.1.3
2.1.2
2.1.17
2.1.16
2.1.15
2.1.14
2.1.13
2.1.12
2.1.11
2.1.10
2.1.1
2.1.0
2.1
2.0.9
2.0.8
2.0.7
2.0.6
2.0.5
2.0.4
2.0.3
2.0.2
2.0.15
2.0.14
2.0.13
2.0.12
2.0.11
2.0.10
2.0.1
2.0.0
Vendor: Canonical
Product: Ubuntu linux 
Version:
17.10
16.04
14.04
12.04

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial

 References:
https://bugzilla.redhat.com/show_bug.cgi?id=1532768
https://github.com/dovecot/core/commit/1a29ed2f96da1be22fa5a4d96c7583aa81b8b060.patch
https://lists.debian.org/debian-lts-announce/2018/03/msg00036.html
https://usn.ubuntu.com/3556-1/
https://usn.ubuntu.com/3556-2/
https://www.debian.org/security/2018/dsa-4130
https://www.dovecot.org/list/dovecot-news/2018-February/000370.html

Related CVE
CVE-2019-14835
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descript...
CVE-2019-10197
A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared ...
CVE-2019-15717
Irssi 1.2.x before 1.2.2 has a use-after-free if the IRC server sends a double CAP.
CVE-2019-11476
An integer overflow in whoopsie before versions 0.2.52.5ubuntu0.1, 0.2.62ubuntu0.1, 0.2.64ubuntu0.1, 0.2.66, results in an out-of-bounds write to a heap allocated buffer when processing large crash dumps. This results in a crash or possible code-exec...
CVE-2019-15133
In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height field of the ImageSize data structure is equal to zero.
CVE-2019-9851
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calli...
CVE-2019-9850
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify tha...
CVE-2019-13377
The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able...

Copyright 2019, cxsecurity.com

 

Back to Top