The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Dovecot: memory corruption with mmap_disable

Synthesis of the vulnerability 

When mmap_disable is activated, an authenticated attacker can generate an off by one buffer overflow.
Vulnerable software: Fedora, Unix (platform) ~ not comprehensive.
Severity of this announce: 1/4.
Creation date: 19/12/2006.
Références of this computer vulnerability: BID-21183, CVE-2006-5973, FEDORA-2006-1396, FEDORA-2006-1504, VIGILANCE-VUL-6409.

Description of the vulnerability 

Dovecot program is an IMAP/POP3 server.

The dovecot.index.cache directive of dovecot.conf indicates the cache filename. The mmap_disable directive indicates that Dovecot has to use its own cache code to manage the dovecot.index.cache file. The mail_location directive indicates if cache files are used, for example "...INDEX=%h/indexes".

The cache management code contains a buffer overflow of one byte. This overflow occurs if mmap_disable=yes and INDEX=_a_file_.

An authenticated attacker can exploit this vulnerability to generate a denial of service and eventually to execute code.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This threat impacts software or systems such as Fedora, Unix (platform) ~ not comprehensive.

Our Vigil@nce team determined that the severity of this computer threat is low.

The trust level is of type confirmed by the editor, with an origin of user account.

An attacker with a expert ability can exploit this cybersecurity bulletin.

Solutions for this threat 

Dovecot: version 1.0.rc15.
Version 1.0.rc15 is corrected:
  http://dovecot.org/releases/dovecot-1.0.rc15.tar.gz
  http://dovecot.org/releases/dovecot-1.0.rc15.tar.gz.sig

Fedora Core 5: new dovecot packages.
New packages are available:
    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
6d09f264c1e749e3223e652a3e613a6b32e1ca2d SRPMS/dovecot-1.0-0.beta8.3.fc5.src.rpm
6d09f264c1e749e3223e652a3e613a6b32e1ca2d noarch/dovecot-1.0-0.beta8.3.fc5.src.rpm
1157816b680333c3b9ec19767b2bd19183be62a2 ppc/dovecot-1.0-0.beta8.3.fc5.ppc.rpm
95009527ec837b2dcf52f40b5217f5ab13bbf01c ppc/debug/dovecot-debuginfo-1.0-0.beta8.3.fc5.ppc.rpm
f697c8651091a471c471f8416d48cc80633d575f x86_64/debug/dovecot-debuginfo-1.0-0.beta8.3.fc5.x86_64.rpm
bbfe34080611db6495ed7dcbe8f2cd35e6a9f776 x86_64/dovecot-1.0-0.beta8.3.fc5.x86_64.rpm
570d142492b4910400cec5eff28ea48c35ba6e3b i386/dovecot-1.0-0.beta8.3.fc5.i386.rpm
915ae34d101ef0d2ffff22e41cdd80385a887d1f i386/debug/dovecot-debuginfo-1.0-0.beta8.3.fc5.i386.rpm

Fedora Core 6: new dovecot packages.
New packages are available:
    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/
71a3a97b63f128c0e0daf60f26ad08eca1f87238 SRPMS/dovecot-1.0-1.rc15.fc6.src.rpm
71a3a97b63f128c0e0daf60f26ad08eca1f87238 noarch/dovecot-1.0-1.rc15.fc6.src.rpm
48afbd062f965e88f78427d746d1677e6d004503 ppc/debug/dovecot-debuginfo-1.0-1.rc15.fc6.ppc.rpm
ca5f53a01d05a9605077c5baaa555789a5b25b60 ppc/dovecot-1.0-1.rc15.fc6.ppc.rpm
36938c71a0190a62f46d4066001c255b67d2cfd6 x86_64/debug/dovecot-debuginfo-1.0-1.rc15.fc6.x86_64.rpm
faae4123dbcf9354a92d0173d24657237f80b357 x86_64/dovecot-1.0-1.rc15.fc6.x86_64.rpm
2e2bdaee7b7ddc9a4f7cbcb3ff4ef31f7bc1791e i386/dovecot-1.0-1.rc15.fc6.i386.rpm
90ce9cbf7e3ad3a62f1831ec4666b5469d07e638 i386/debug/dovecot-debuginfo-1.0-1.rc15.fc6.i386.rpm
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides software vulnerabilities analysis. The Vigil@nce vulnerability database contains several thousand vulnerabilities.