ID |
CVE-2010-3780
|
Summary |
Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service (master process outage) by simultaneously disconnecting many (1) IMAP or (2) POP3 sessions. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:dovecot:dovecot:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.2.0:*:*:*:*:*:*:*
-
cpe:2.3:a:dovecot:dovecot:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.2.1:*:*:*:*:*:*:*
-
cpe:2.3:a:dovecot:dovecot:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.2.2:*:*:*:*:*:*:*
-
cpe:2.3:a:dovecot:dovecot:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.2.3:*:*:*:*:*:*:*
-
cpe:2.3:a:dovecot:dovecot:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.2.4:*:*:*:*:*:*:*
-
cpe:2.3:a:dovecot:dovecot:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.2.5:*:*:*:*:*:*:*
-
cpe:2.3:a:dovecot:dovecot:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.2.6:*:*:*:*:*:*:*
-
cpe:2.3:a:dovecot:dovecot:1.2.7:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.2.7:*:*:*:*:*:*:*
-
cpe:2.3:a:dovecot:dovecot:1.2.8:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.2.8:*:*:*:*:*:*:*
-
cpe:2.3:a:dovecot:dovecot:1.2.9:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.2.9:*:*:*:*:*:*:*
-
cpe:2.3:a:dovecot:dovecot:1.2.10:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.2.10:*:*:*:*:*:*:*
-
cpe:2.3:a:dovecot:dovecot:1.2.11:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.2.11:*:*:*:*:*:*:*
-
cpe:2.3:a:dovecot:dovecot:1.2.12:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.2.12:*:*:*:*:*:*:*
-
cpe:2.3:a:dovecot:dovecot:1.2.13:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.2.13:*:*:*:*:*:*:*
-
cpe:2.3:a:dovecot:dovecot:1.2.14:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.2.14:*:*:*:*:*:*:*
|
CVSS |
Base: | 4.0 (as of 27-08-2011 - 03:44) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
SINGLE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE |
NONE |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:L/Au:S/C:N/I:N/A:P
|
redhat
via4
|
advisories | bugzilla | id | 641276 | title | CVE-2010-3780 Dovecot: Busy master process, receiving a lot of SIGCHLD signals rapidly while logging, could die |
| oval | OR | comment | Red Hat Enterprise Linux must be installed | oval | oval:com.redhat.rhba:tst:20070304026 |
AND | comment | Red Hat Enterprise Linux 6 is installed | oval | oval:com.redhat.rhba:tst:20111656003 |
OR | AND | comment | dovecot is earlier than 1:2.0.9-2.el6 | oval | oval:com.redhat.rhsa:tst:20110600001 |
comment | dovecot is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20110600002 |
|
AND | comment | dovecot-devel is earlier than 1:2.0.9-2.el6 | oval | oval:com.redhat.rhsa:tst:20110600003 |
comment | dovecot-devel is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20110600004 |
|
AND | comment | dovecot-mysql is earlier than 1:2.0.9-2.el6 | oval | oval:com.redhat.rhsa:tst:20110600005 |
comment | dovecot-mysql is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20110600006 |
|
AND | comment | dovecot-pgsql is earlier than 1:2.0.9-2.el6 | oval | oval:com.redhat.rhsa:tst:20110600007 |
comment | dovecot-pgsql is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20110600008 |
|
AND | comment | dovecot-pigeonhole is earlier than 1:2.0.9-2.el6 | oval | oval:com.redhat.rhsa:tst:20110600009 |
comment | dovecot-pigeonhole is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20110600010 |
|
|
|
|
| rhsa | id | RHSA-2011:0600 | released | 2011-05-19 | severity | Moderate | title | RHSA-2011:0600: dovecot security and enhancement update (Moderate) |
|
| rpms | - dovecot-1:2.0.9-2.el6
- dovecot-debuginfo-1:2.0.9-2.el6
- dovecot-devel-1:2.0.9-2.el6
- dovecot-mysql-1:2.0.9-2.el6
- dovecot-pgsql-1:2.0.9-2.el6
- dovecot-pigeonhole-1:2.0.9-2.el6
|
|
refmap
via4
|
mandriva | MDVSA-2010:217 | mlist | [dovecot] 20101002 v1.2.15 released | secunia | 43220 | ubuntu | USN-1059-1 | vupen | - ADV-2010-2840
- ADV-2011-0301
|
|
Last major update |
27-08-2011 - 03:44 |
Published |
06-10-2010 - 21:00 |
Last modified |
27-08-2011 - 03:44 |