Dovecot CVE-2017-14461 Out-Of-Bounds Read Information Disclosure Vulnerability

Dovecot is prone to an information-disclosure vulnerability.

An attacker can exploit this issue to obtain sensitive information. Failed exploit attempts will result in a denial-of-service condition.

Dovecot is vulnerable; other versions may also be affected.


Bugtraq ID: 103201
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2017-14461

Remote: Yes
Local: No
Published: Mar 01 2018 12:00AM
Updated: Mar 01 2018 12:00AM
Credit: Aleksandar Nikolic of Cisco Talos.
Vulnerable: Dovecot Dovecot

Not Vulnerable:


The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.

Related Posts