Dovecot CVE-2017-14461 Out-Of-Bounds Read Information Disclosure Vulnerability

Dovecot is prone to an information-disclosure vulnerability.

An attacker can exploit this issue to obtain sensitive information. Failed exploit attempts will result in a denial-of-service condition.

Dovecot 2.2.33.2 is vulnerable; other versions may also be affected.

Information

Bugtraq ID: 103201
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2017-14461

Remote: Yes
Local: No
Published: Mar 01 2018 12:00AM
Updated: Mar 01 2018 12:00AM
Credit: Aleksandar Nikolic of Cisco Talos.
Vulnerable: Dovecot Dovecot 2.2.33.2

Not Vulnerable:

Exploit

The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.

Source: www.securityfocus.com

Exploit Collector

Search Exploit