Dovecot Zlib Plugin Remote Information Disclosure Vulnerability
BID:23552
Info
Dovecot Zlib Plugin Remote Information Disclosure Vulnerability
| Bugtraq ID: | 23552 |
| Class: | Unknown |
| CVE: |
CVE-2007-2231 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 18 2007 12:00AM |
| Updated: | May 21 2008 09:14PM |
| Credit: | Jonathan Smith and Justin Forbes are credited with the discovery of this vulnerability |
| Vulnerable: |
Ubuntu Ubuntu Linux 7.04 sparc Ubuntu Ubuntu Linux 7.04 powerpc Ubuntu Ubuntu Linux 7.04 i386 Ubuntu Ubuntu Linux 7.04 amd64 Ubuntu Ubuntu Linux 6.10 sparc Ubuntu Ubuntu Linux 6.10 powerpc Ubuntu Ubuntu Linux 6.10 i386 Ubuntu Ubuntu Linux 6.10 amd64 Ubuntu Ubuntu Linux 6.06 LTS sparc Ubuntu Ubuntu Linux 6.06 LTS powerpc Ubuntu Ubuntu Linux 6.06 LTS i386 Ubuntu Ubuntu Linux 6.06 LTS amd64 rPath rPath Linux 1 Redhat Enterprise Linux Desktop Workstation 5 client Redhat Enterprise Linux 5 server Dovecot Dovecot 1.0.RC9 Dovecot Dovecot 1.0.RC8 Dovecot Dovecot 1.0.RC7 Dovecot Dovecot 1.0.RC6 Dovecot Dovecot 1.0.RC5 Dovecot Dovecot 1.0.RC4 Dovecot Dovecot 1.0.RC3 Dovecot Dovecot 1.0.RC2 Dovecot Dovecot 1.0.RC15 Dovecot Dovecot 1.0.RC14 Dovecot Dovecot 1.0.RC13 Dovecot Dovecot 1.0.RC12 Dovecot Dovecot 1.0.RC11 Dovecot Dovecot 1.0.RC10 Dovecot Dovecot 1.0.Beta3 Dovecot Dovecot 1.0.Beta2 Dovecot Dovecot 1.0 Rc1 Dovecot Dovecot 1.0 Beta8 Dovecot Dovecot 1.0 Beta7 Dovecot Dovecot 1.0 Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux 4.0 m68k Debian Linux 4.0 ia-64 Debian Linux 4.0 ia-32 Debian Linux 4.0 hppa Debian Linux 4.0 arm Debian Linux 4.0 amd64 Debian Linux 4.0 alpha Debian Linux 4.0 |
| Not Vulnerable: |
Dovecot Dovecot 1.0 rc29 |
Discussion
Dovecot Zlib Plugin Remote Information Disclosure Vulnerability
Dovecot is prone to an information-disclosure vulnerability.
An attacker can exploit this issue to access sensitive information that may lead to further attacks.
Dovecot is prone to an information-disclosure vulnerability.
An attacker can exploit this issue to access sensitive information that may lead to further attacks.
Exploit / POC
Dovecot Zlib Plugin Remote Information Disclosure Vulnerability
An attacker can exploit this issue by using standard network utilities.
An attacker can exploit this issue by using standard network utilities.
Solution / Fix
Dovecot Zlib Plugin Remote Information Disclosure Vulnerability
Solution:
The vendor released an update to address this issue. Please see the references for more information.
Solution:
The vendor released an update to address this issue. Please see the references for more information.
References
Dovecot Zlib Plugin Remote Information Disclosure Vulnerability
References:
References:
- Dovecot minor information disclosure issue (rPath)
- Vendor Homepage (Dovecot)
- RHSA-2008:0297-6 dovecot security and bug fix update (Red Hat)