[VIM] Dovecot 'LIST' Command Denial of Service Vulnerability
Henri Salo
henri at nerv.fi
Thu Aug 15 00:16:02 CDT 2013
On Wed, Aug 14, 2013 at 11:25:18AM -0700, Dinesh Theerthagiri wrote:
> You are right BID 61763 has a wrong CVE number (CVE-2013-2111). Now we corrected by removing the CVE number.
>
> We consider 'LIST' command as DOS vulnerability because of below reference:
> http://www.dovecot.org/list/dovecot-news/2013-August/000261.html
>
> Thanks,
> T.Dinesh
Please see Timo's reply in oss-security http://openwall.com/lists/oss-security/2013/08/14/6
I don't think this requires CVE or other security vulnerability handling.
---
Henri Salo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://www.attrition.org/pipermail/vim/attachments/20130815/f08b33ca/attachment.asc>
More information about the VIM
mailing list