Executive Summary

Informations
Name CVE-2011-4318 First vendor Publication 2013-03-06
Vendor Cve Last vendor Modification 2013-03-07

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:N)
Cvss Base Score 5.8 Attack Range Network
Cvss Impact Score 4.9 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4318

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-20 Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:15031
 
Oval ID: oval:org.mitre.oval:def:15031
Title: USN-1295-1 -- Dovecot vulnerability
Description: dovecot: IMAP and POP3 email server Dovecot could be made to expose sensitive information over the network.
Family: unix Class: patch
Reference(s): USN-1295-1
CVE-2011-4318
 Version: 5
Platform(s): Ubuntu 11.10
 Product(s): Dovecot
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27001
 
Oval ID: oval:org.mitre.oval:def:27001
Title: RHSA-2013:0520 -- dovecot security and bug fix update (Low)
Description: Dovecot is an IMAP server, written with security primarily in mind, for Linux and other UNIX-like systems. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats. The SQL drivers and authentication plug-ins are provided as sub-packages. Two flaws were found in the way some settings were enforced by the script-login functionality of Dovecot. A remote, authenticated user could use these flaws to bypass intended access restrictions or conduct a directory traversal attack by leveraging login scripts. (CVE-2011-2166, CVE-2011-2167) A flaw was found in the way Dovecot performed remote server identity verification, when it was configured to proxy IMAP and POP3 connections to remote hosts using TLS/SSL protocols. A remote attacker could use this flaw to conduct man-in-the-middle attacks using an X.509 certificate issued by a trusted Certificate Authority (for a different name). (CVE-2011-4318) This update also fixes the following bug: * When a new user first accessed their IMAP inbox, Dovecot was, under some circumstances, unable to change the group ownership of the inbox directory in the user's Maildir location to match that of the user's mail spool (/var/mail/$USER). This correctly generated an "Internal error occurred" message. However, with a subsequent attempt to access the inbox, Dovecot saw that the directory already existed and proceeded with its operation, leaving the directory with incorrectly set permissions. This update corrects the underlying permissions setting error. When a new user now accesses their inbox for the first time, and it is not possible to set group ownership, Dovecot removes the created directory and generates an error message instead of keeping the directory with incorrect group ownership. (BZ#697620) Users of dovecot are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the dovecot service will be restarted automatically.
Family: unix Class: patch
Reference(s): RHSA-2013:0520
CESA-2013:0520
CVE-2011-2166
CVE-2011-2167
CVE-2011-4318
 Version: 3
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
 Product(s): dovecot
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 16

OpenVAS Exploits

Date Description
2012-03-16 Name : Ubuntu Update for dovecot USN-1295-1
File : nvt/gb_ubuntu_USN_1295_1.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
77185 Dovecot SSL Certificate Common Name Field MitM Spoofing Weakness

Nessus® Vulnerability Scanner

Date Description
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2011-88.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_dovecot20-111215.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-0520.nasl - Type : ACT_GATHER_INFO
2013-03-10 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-0520.nasl - Type : ACT_GATHER_INFO
2013-03-05 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130221_dovecot_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-02-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0520.nasl - Type : ACT_GATHER_INFO
2011-12-09 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1295-1.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
CONFIRM http://hg.dovecot.org/dovecot-2.0/rev/5e9eaf63a6b1
MISC https://bugs.gentoo.org/show_bug.cgi?id=390887
https://bugzilla.redhat.com/show_bug.cgi?id=754980
MLIST http://www.dovecot.org/list/dovecot-news/2011-November/000200.html
http://www.openwall.com/lists/oss-security/2011/11/18/5
http://www.openwall.com/lists/oss-security/2011/11/18/7
REDHAT http://rhn.redhat.com/errata/RHSA-2013-0520.html
SECUNIA http://secunia.com/advisories/46886
http://secunia.com/advisories/52311

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
Date Informations
2024-02-02 01:17:36
  • Multiple Updates
2024-02-01 12:05:12
  • Multiple Updates
2023-09-05 12:16:31
  • Multiple Updates
2023-09-05 01:05:04
  • Multiple Updates
2023-09-02 12:16:37
  • Multiple Updates
2023-09-02 01:05:10
  • Multiple Updates
2023-08-12 12:20:12
  • Multiple Updates
2023-08-12 01:05:11
  • Multiple Updates
2023-08-11 12:16:42
  • Multiple Updates
2023-08-11 01:05:20
  • Multiple Updates
2023-08-06 12:16:03
  • Multiple Updates
2023-08-06 01:05:11
  • Multiple Updates
2023-08-04 12:16:07
  • Multiple Updates
2023-08-04 01:05:11
  • Multiple Updates
2023-07-14 12:16:06
  • Multiple Updates
2023-07-14 01:05:09
  • Multiple Updates
2023-03-29 01:17:59
  • Multiple Updates
2023-03-28 12:05:16
  • Multiple Updates
2022-10-11 12:14:23
  • Multiple Updates
2022-10-11 01:04:53
  • Multiple Updates
2021-05-04 12:17:50
  • Multiple Updates
2021-04-22 01:21:08
  • Multiple Updates
2020-09-03 01:07:20
  • Multiple Updates
2020-05-23 00:32:11
  • Multiple Updates
2016-04-26 21:13:44
  • Multiple Updates
2014-06-14 13:31:56
  • Multiple Updates
2014-02-17 11:06:11
  • Multiple Updates
2013-05-10 23:10:24
  • Multiple Updates
2013-03-07 17:18:50
  • Multiple Updates
2013-03-07 13:19:39
  • First insertion