CVE-2006-0730

Description

Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability.

How to fix CVE-2006-0730

To remediate CVE-2006-0730, upgrade the affected package to a fixed version below.

• Debian/dovecot—upgrade to 1.0.beta3-1 or later

Is CVE-2006-0730 being exploited?

Low — EPSS is 0.9%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0, < 1.0.beta3-1

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2006-0730