SB2021083141 - SUSE update for dovecot23 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2021083141

SB2021083141 - SUSE update for dovecot23

Published: August 31, 2021

Security Bulletin ID SB2021083141
Severity
Medium
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Medium 80% Low 20%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.


1) Infinite loop (CVE-ID: CVE-2020-12100)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop in submission, lmtp, and lda when processing e-mail message with deeply nested MIME parts. A remote attacker can send a specially crafted email to consume all available system resources and cause denial of service conditions.


2) Information disclosure (CVE-ID: CVE-2020-24386)

The vulnerability allows a remote user to gain access to sensitive information.

The vulnerability exists due to an error, related to IMAP hibernation. A remote user can run a specially crafted command to discover system directory structure and access emails of other users.


3) Resource management error (CVE-ID: CVE-2020-28200)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within regex sieve extension. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.


4) Path traversal (CVE-ID: CVE-2021-29157)

The vulnerability allows a local user to perform directory traversal attacks.

The vulnerability exists due to validation of kid and azp fields in JWT tokens. A local user to ability to control a JWT token location can login as any MTA user and access their emails.


5) Code injection (CVE-ID: CVE-2021-33515)

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists in the way STARTTLS command in processed by the SMTP server. the commands sent during the session before the STARTTLS command are queued and executed later, after the STARTTLS finished with the client. As a result, a remote attacker can perform a MitM attack and gain access to victim's emails.


Remediation

Install update from vendor's website.

References