CVE-2006-5973

Name: CVE-2006-5973
Creator: NVD / NIST
Published: 2006-11-20T19:07:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 2.65%

Last modified Jun 16, 2026

CVE-2006-5973 is a vulnerability of currently unknown severity. Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file.. EPSS estimates a 2.65% chance of exploitation in the next 30 days.

Description

Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file.

Metrics

EPSS Probability

2.65%

83.7th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Timo Sirainen	Dovecot	1.0
Timo Sirainen	Dovecot	1.0.alpha1
Timo Sirainen	Dovecot	1.0.alpha2
Timo Sirainen	Dovecot	1.0.alpha3
Timo Sirainen	Dovecot	1.0.alpha4
Timo Sirainen	Dovecot	1.0.alpha5
Timo Sirainen	Dovecot	1.0.beta1
Timo Sirainen	Dovecot	1.0.beta2
Timo Sirainen	Dovecot	1.0.beta3
Timo Sirainen	Dovecot	1.0.beta4
Timo Sirainen	Dovecot	1.0.beta5
Timo Sirainen	Dovecot	1.0.beta6
Timo Sirainen	Dovecot	1.0.beta7
Timo Sirainen	Dovecot	1.0.beta8
Timo Sirainen	Dovecot	1.0.beta9
Timo Sirainen	Dovecot	1.0.rc1
Timo Sirainen	Dovecot	1.0.rc2
Timo Sirainen	Dovecot	1.0.rc3
Timo Sirainen	Dovecot	1.0.rc4
Timo Sirainen	Dovecot	1.0.rc5
Timo Sirainen	Dovecot	1.0.rc6
Timo Sirainen	Dovecot	1.0.rc7
Timo Sirainen	Dovecot	1.0.rc8
Timo Sirainen	Dovecot	1.0.rc9
Timo Sirainen	Dovecot	1.0.rc10
Timo Sirainen	Dovecot	1.0.rc11
Timo Sirainen	Dovecot	1.0.rc12
Timo Sirainen	Dovecot	1.0.rc13
Timo Sirainen	Dovecot	1.0.rc14
Timo Sirainen	Dovecot	1.0.test53
Timo Sirainen	Dovecot	1.0.test54
Timo Sirainen	Dovecot	1.0.test55
Timo Sirainen	Dovecot	1.0.test56
Timo Sirainen	Dovecot	1.0.test57
Timo Sirainen	Dovecot	1.0.test58
Timo Sirainen	Dovecot	1.0.test59
Timo Sirainen	Dovecot	1.0.test60
Timo Sirainen	Dovecot	1.0.test61
Timo Sirainen	Dovecot	1.0.test62
Timo Sirainen	Dovecot	1.0.test63
Timo Sirainen	Dovecot	1.0.test64
Timo Sirainen	Dovecot	1.0.test65
Timo Sirainen	Dovecot	1.0.test66
Timo Sirainen	Dovecot	1.0.test67
Timo Sirainen	Dovecot	1.0.test68
Timo Sirainen	Dovecot	1.0.test69
Timo Sirainen	Dovecot	1.0.test70
Timo Sirainen	Dovecot	1.0.test71
Timo Sirainen	Dovecot	1.0.test72
Timo Sirainen	Dovecot	1.0.test73

Showing 50 of 57 affected configurations. See NVD for the full list.

References

Timeline

Published: Nov 20, 2006
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2006-5973?

How severe is CVE-2006-5973?

Severity scoring for CVE-2006-5973 is pending analysis. The EPSS model estimates a 2.65% probability of exploitation in the next 30 days.

How do I fix CVE-2006-5973?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2006-5973?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST