Denial of Service and Mailbox Corruption Vulnerability in Dovecot 1.2.x and 2.0.x

Denial of Service and Mailbox Corruption Vulnerability in Dovecot 1.2.x and 2.0.x

CVE-2011-1929 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.

Learn more about our Web Application Penetration Testing UK.