Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

[ MDVSA-2010:217 ] dovecot
From: security () mandriva com
Date: Sat, 30 Oct 2010 18:54:01 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2010:217
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : dovecot
 Date    : October 30, 2010
 Affected: 2010.0, 2010.1
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities was discovered and corrected in dovecot:
 
 Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin
 permission to the owner of each mailbox in a non-public namespace,
 which might allow remote authenticated users to bypass intended access
 restrictions by changing the ACL of a mailbox, as demonstrated by a
 symlinked shared mailbox (CVE-2010-3779).
 
 Dovecot 1.2.x before 1.2.15 allows remote authenticated users to
 cause a denial of service (master process outage) by simultaneously
 disconnecting many (1) IMAP or (2) POP3 sessions (CVE-2010-3780).
 
 The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to
 newly created mailboxes in certain configurations, which might allow
 remote attackers to read mailboxes that have unintended weak ACLs
 (CVE-2010-3304).
 
 plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15
 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to
 add to the permissions granted by another ACL entry, instead of a
 directive to replace the permissions granted by another ACL entry,
 in certain circumstances involving the private namespace of a user,
 which allows remote authenticated users to bypass intended access
 restrictions via a request to read or modify a mailbox (CVE-2010-3706).
 
 plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and
 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to
 the permissions granted by another ACL entry, instead of a directive
 to replace the permissions granted by another ACL entry, in certain
 circumstances involving more specific entries that occur after less
 specific entries, which allows remote authenticated users to bypass
 intended access restrictions via a request to read or modify a mailbox
 (CVE-2010-3707).
 
 This advisory provides dovecot 1.2.15 which is not vulnerable to
 these issues
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3779
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3780
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3304
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3706
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3707
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2010.0:
 1df58b06a8f532b9f3b53e3e5c38b95a  2010.0/i586/dovecot-1.2.15-0.1mdv2010.0.i586.rpm
 b50eb47d4798f4e180be2838612c1922  2010.0/i586/dovecot-devel-1.2.15-0.1mdv2010.0.i586.rpm
 bbf80f23b7a01bf614a6d3938fb9294f  2010.0/i586/dovecot-plugins-gssapi-1.2.15-0.1mdv2010.0.i586.rpm
 d292ce098defe8ee5ac0a8b77d6433b7  2010.0/i586/dovecot-plugins-ldap-1.2.15-0.1mdv2010.0.i586.rpm
 07b65d7e5015fe1d1d49e2bb51b8f10f  2010.0/i586/dovecot-plugins-managesieve-1.2.15-0.1mdv2010.0.i586.rpm
 018407c89d2adcbd1e4cc4d8b548c03f  2010.0/i586/dovecot-plugins-mysql-1.2.15-0.1mdv2010.0.i586.rpm
 5acb1e87956a7227197b35276de8234e  2010.0/i586/dovecot-plugins-pgsql-1.2.15-0.1mdv2010.0.i586.rpm
 2af2c1a5c942176dca6679b0d35cfc97  2010.0/i586/dovecot-plugins-sieve-1.2.15-0.1mdv2010.0.i586.rpm
 3311b70cb438d6870175649f1e788d57  2010.0/i586/dovecot-plugins-sqlite-1.2.15-0.1mdv2010.0.i586.rpm 
 7cdeb278f84d3b76dda11c3c553a393e  2010.0/SRPMS/dovecot-1.2.15-0.1mdv2010.0.src.rpm

 Mandriva Linux 2010.0/X86_64:
 3c2a94c6963b9729f26bae309f316be1  2010.0/x86_64/dovecot-1.2.15-0.1mdv2010.0.x86_64.rpm
 f27bd0aa4321a50f81438ceb28e7afdf  2010.0/x86_64/dovecot-devel-1.2.15-0.1mdv2010.0.x86_64.rpm
 f16efcfc0623def5190c36225d6b4fb0  2010.0/x86_64/dovecot-plugins-gssapi-1.2.15-0.1mdv2010.0.x86_64.rpm
 dbd0b2d9d5e3345ea356914ae3039dca  2010.0/x86_64/dovecot-plugins-ldap-1.2.15-0.1mdv2010.0.x86_64.rpm
 f5f7028181fa5da66aac7afe38867a0f  2010.0/x86_64/dovecot-plugins-managesieve-1.2.15-0.1mdv2010.0.x86_64.rpm
 86483fa99bc562b0f60c5c040c682a7a  2010.0/x86_64/dovecot-plugins-mysql-1.2.15-0.1mdv2010.0.x86_64.rpm
 6f0a630ba4b0a0e6597adda930042eff  2010.0/x86_64/dovecot-plugins-pgsql-1.2.15-0.1mdv2010.0.x86_64.rpm
 3296ba8b59f6efa87b1ba4e22519d993  2010.0/x86_64/dovecot-plugins-sieve-1.2.15-0.1mdv2010.0.x86_64.rpm
 e680d9ee9ada976e9c6ea879292cab33  2010.0/x86_64/dovecot-plugins-sqlite-1.2.15-0.1mdv2010.0.x86_64.rpm 
 7cdeb278f84d3b76dda11c3c553a393e  2010.0/SRPMS/dovecot-1.2.15-0.1mdv2010.0.src.rpm

 Mandriva Linux 2010.1:
 2731f51745c762cfab4d66cba6309175  2010.1/i586/dovecot-1.2.15-0.1mdv2010.1.i586.rpm
 2287de86adbae6f0dba5554a44cadc5f  2010.1/i586/dovecot-devel-1.2.15-0.1mdv2010.1.i586.rpm
 277acece0cf80d1b3be2621ad8282fd2  2010.1/i586/dovecot-plugins-gssapi-1.2.15-0.1mdv2010.1.i586.rpm
 77e7aac7a9dbb78e407f18fff0e2a9c3  2010.1/i586/dovecot-plugins-ldap-1.2.15-0.1mdv2010.1.i586.rpm
 4e4bbcc9da33d320765bea61031a75c7  2010.1/i586/dovecot-plugins-managesieve-1.2.15-0.1mdv2010.1.i586.rpm
 5b32c80bae3715924e16b2d67ee61894  2010.1/i586/dovecot-plugins-mysql-1.2.15-0.1mdv2010.1.i586.rpm
 3a0adc6c306eed6515b867cb34222160  2010.1/i586/dovecot-plugins-pgsql-1.2.15-0.1mdv2010.1.i586.rpm
 2cc4f8af517d94d0d5bf5cd308ee8a31  2010.1/i586/dovecot-plugins-sieve-1.2.15-0.1mdv2010.1.i586.rpm
 c16a48894cdd7531708f56d8aafa0df4  2010.1/i586/dovecot-plugins-sqlite-1.2.15-0.1mdv2010.1.i586.rpm 
 8cc9f2f095a8d7e3b464d7049b74cf52  2010.1/SRPMS/dovecot-1.2.15-0.1mdv2010.1.src.rpm

 Mandriva Linux 2010.1/X86_64:
 071057272f0405a630de36f6a1d2eb96  2010.1/x86_64/dovecot-1.2.15-0.1mdv2010.1.x86_64.rpm
 2af648cf2d0352b1b912da8a09f917f4  2010.1/x86_64/dovecot-devel-1.2.15-0.1mdv2010.1.x86_64.rpm
 644228dfccad5a1448a487eb7fe1d106  2010.1/x86_64/dovecot-plugins-gssapi-1.2.15-0.1mdv2010.1.x86_64.rpm
 48f8b58f5d5980b8936d16ef818f4a88  2010.1/x86_64/dovecot-plugins-ldap-1.2.15-0.1mdv2010.1.x86_64.rpm
 c67c94f4d89053ad2c7fe688c57b2524  2010.1/x86_64/dovecot-plugins-managesieve-1.2.15-0.1mdv2010.1.x86_64.rpm
 b5c7e8430ddc4cd718669657597f1c7c  2010.1/x86_64/dovecot-plugins-mysql-1.2.15-0.1mdv2010.1.x86_64.rpm
 70365efc4c102315abdfb25d24ef4f51  2010.1/x86_64/dovecot-plugins-pgsql-1.2.15-0.1mdv2010.1.x86_64.rpm
 b63db34635907c36466c97ace31c1ec7  2010.1/x86_64/dovecot-plugins-sieve-1.2.15-0.1mdv2010.1.x86_64.rpm
 a208a34c7448bb439603bb6ee2e56eec  2010.1/x86_64/dovecot-plugins-sqlite-1.2.15-0.1mdv2010.1.x86_64.rpm 
 8cc9f2f095a8d7e3b464d7049b74cf52  2010.1/SRPMS/dovecot-1.2.15-0.1mdv2010.1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFMzCF3mqjQ0CJFipgRAuERAJ9xuqu9TdMIMsvem+1A1/ljZHkw5ACggX32
1Au0YeDEpCfC8B+FCBipws8=
=zUwy
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
  • [ MDVSA-2010:217 ] dovecot security (Oct 30)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]