CVE-2017-2669

Published: 21/06/2018 Updated: 09/10/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

Dovecot before version 2.2.29 is vulnerable to a denial of service. When 'dict' passdb and userdb were used for user authentication, the username sent by the IMAP/POP3 client was sent through var_expand() to perform %variable expansion. Sending specially crafted %variable fields could result in excessive memory usage causing the process to crash (and restart), or excessive CPU usage causing all authentications to hang.

Affected Products

Dovecot (dovecot)
Debian Linux 8.0

Vendor Advisories

Debian Bug report logs - #860049 dovecot: CVE-2017-2669 Package: src:dovecot; Maintainer for src:dovecot is Dovecot Maintainers <dovecot@packages.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Mon, 10 Apr 2017 19:57:02 UTC Severity: important Tags: patch, security, upstream Found in version ...
USN-3258-1 introduced a regression in Dovecot ...
Dovecot could be made to crash if it received specially crafted input ...
Dovecot before version 2.2.29 is vulnerable to a denial of service. When 'dict' passdb and userdb were used for user authentication, the username sent by the IMAP/POP3 client was sent through var_expand() to perform %variable expansion. Sending specially crafted %variable fields could result in excessive memory usage causing the process to crash (a ...
A security issue has been found in Dovecot >= 2.2.26 and <= 2.2.28. If the "dict" passdb is used for authentication, the username sent by the client is passed to the var_expand() function and double expansion of %-variables is performed. A remote unauthenticated attacker could then send a specially crafted username containing %variables to ca ...