Test ID:	1.3.6.1.4.1.25623.1.0.62984
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-666-1 (dovecot)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to dovecot announced via advisory USN-666-1. A security issue affects the following Ubuntu releases: Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. Details follow: It was discovered that certain email headers were not correctly handled by Dovecot. If a remote attacker sent a specially crafted email to a user with a mailbox managed by Dovecot, that user's mailbox would become inaccessible through Dovecot, leading to a denial of service. Solution: The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.10: dovecot-imapd 1:1.1.4-0ubuntu1.2 In general, a standard system upgrade is sufficient to effect the necessary changes. http://www.securityspace.com/smysecure/catid.html?in=USN-666-1 Risk factor : Medium CVSS Score: 4.3
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4907 BugTraq ID: 31997 http://www.securityfocus.com/bid/31997 http://security.gentoo.org/glsa/glsa-200812-16.xml http://www.dovecot.org/list/dovecot-news/2008-October/000089.html http://secunia.com/advisories/32479 http://secunia.com/advisories/32677 http://secunia.com/advisories/33149 http://www.ubuntu.com/usn/usn-666-1 XForce ISS Database: dovecot-mail-header-dos(46227) https://exchange.xforce.ibmcloud.com/vulnerabilities/46227
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.