Dovecot 2.3.11.3 Denial Of Service

2021.01.07

Credit: Innokentii Sennovskiy

Risk: Medium

Local: No

Remote: Yes

CVE: CVE-2020-25275 | CVE-2020-12100

CWE: CWE-20

Open-Xchange Security Advisory 2021-01-04
Product: Dovecot
Vendor: OX Software GmbH
Internal reference: DOV-4113 (Bug ID)
Vulnerability type: CWE-20: Improper Input Validation
Vulnerable version: 2.3.11-2.3.11.3
Vulnerable component: lda, lmtp, imap
Report confidence: Confirmed
Solution status: Fixed by Vendor
Fixed version: 2.3.13
Vendor notification: 2020-09-10
Solution date: 2020-09-14
Public disclosure: 2021-01-04
CVE reference: CVE-2020-25275
CVSS: 5.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Researcher credit: Innokentii Sennovskiy (Rumata888) from BI.ZONE
Vulnerability Details:
Mail delivery / parsing crashed when the 10 000th MIME part was
message/rfc822 (or if parent was multipart/digest). This happened
due to earlier MIME parsing changes for CVE-2020-12100.
Risk:
Malicious sender can crash dovecot repeatedly by sending / uploading
message with more than 10 000 MIME parts.
Workaround:
These are usually dropped by MTA, where the mitigation can also be applied.
Solution:
Operators should update to 2.3.13 or later version.

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Dovecot 2.3.11.3 Denial Of Service

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.