openEuler 20.03 LTS SP1 update for dovecot

Published: 2021-07-17

Risk	Medium
Patch available	YES
Number of vulnerabilities	2
CVE-ID	CVE-2020-28200 CVE-2021-33515
CWE-ID	CWE-399 CWE-74
Exploitation vector	Network
Public exploit	N/A
Vulnerable software Subscribe	openEuler Operating systems & Components / Operating system dovecot-debugsource Operating systems & Components / Operating system package or component dovecot-help Operating systems & Components / Operating system package or component dovecot-devel Operating systems & Components / Operating system package or component dovecot-debuginfo Operating systems & Components / Operating system package or component dovecot Operating systems & Components / Operating system package or component
Vendor	openEuler

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Resource management error

EUVDB-ID: #VU54284

Risk: Medium

CVSSv3.1: 5.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-28200

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within regex sieve extension. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 20.03 LTS SP1

dovecot-debugsource: before 2.3.15-1

dovecot-help: before 2.3.15-1

dovecot-devel: before 2.3.15-1

dovecot-debuginfo: before 2.3.15-1

dovecot: before 2.3.15-1

CPE2.3

cpe:2.3:o:openeuler:openeuler:20.03:LTS SP1:*:*:*:*:*:

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2021-1270

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Code injection

EUVDB-ID: #VU54286

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-33515

CWE-ID: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists in the way STARTTLS command in processed by the SMTP server. the commands sent during the session before the STARTTLS command are queued and executed later, after the STARTTLS finished with the client. As a result, a remote attacker can perform a MitM attack and gain access to victim's emails.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 20.03 LTS SP1

dovecot-debugsource: before 2.3.15-1

dovecot-help: before 2.3.15-1

dovecot-devel: before 2.3.15-1

dovecot-debuginfo: before 2.3.15-1

dovecot: before 2.3.15-1

CPE2.3

cpe:2.3:o:openeuler:openeuler:20.03:LTS SP1:*:*:*:*:*:

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2021-1270

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.