Download
| Alert*
|
oval:org.secpod.oval:def:89002798
This update for dovecot23 fixes the following issues: Security issues fixed: - CVE-2020-12100: Fixed a resource exhaustion caused by deeply nested MIME parts . - CVE-2020-24386: Fixed an issue with IMAP hibernation that allowed users to access other users" emails . - CVE-2020-25275: Fixed a crash wh ... oval:org.secpod.oval:def:66738 Several vulnerabilities have been discovered in the dovecot-core email server. CVE-2020-12100 Receiving mail with deeply nested MIME parts leads to resource exhaustion as dovecot-core attempts to parse it. CVE-2020-12673 dovecot-core"s NTLM implementation does not correctly check message buffer size ... oval:org.secpod.oval:def:67071 dovecot: IMAP and POP3 email server Several security issues were fixed in Dovecot. oval:org.secpod.oval:def:66575 Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fix: * dovecot: ... oval:org.secpod.oval:def:1802071 Mail delivery / parsing crashed when the 10 000th MIME part was message/rfc822 (or if parent was multipart/digest). This happened due to earlier MIME parsing changes for CVE-2020-12100. oval:org.secpod.oval:def:118788 Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats. The SQL drivers and authentication plug-ins are in their subpackages. oval:org.secpod.oval:def:118664 Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats. The SQL drivers and authentication plug-ins are in their subpackages. oval:org.secpod.oval:def:1601205 A flaw was found in dovecot. A remote attacker could cause a denial of service by repeatedly sending emails containing MIME parts containing malicious content of which dovecot will attempt to parse. The highest threat from this vulnerability is to system availability. In Dovecot before 2.3.11.3, unc ... oval:org.secpod.oval:def:504274 Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fix: * dovecot: ... oval:org.secpod.oval:def:605381 Several vulnerabilities have been discovered in the Dovecot email server. CVE-2020-24386 When imap hibernation is active, an attacker can cause Dovecot to discover file system directory structures and access other users" emails via specially crafted commands. CVE-2020-25275 Innokentii Sennovskiy re ... oval:org.secpod.oval:def:205609 Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fix: * dovecot: ... oval:org.secpod.oval:def:705579 dovecot: IMAP and POP3 email server Several security issues were fixed in Dovecot. oval:org.secpod.oval:def:1700398 In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled. A flaw was found in dovecot. An attacker can use the way dovecot handles RPA to crash the authentication process repeatedly preventing login. The highest threat ... oval:org.secpod.oval:def:604986 Several vulnerabilities have been discovered in the Dovecot email server. CVE-2020-12100 Receiving mail with deeply nested MIME parts leads to resource exhaustion as Dovecot attempts to parse it. CVE-2020-12673 Dovecot"s NTLM implementation does not correctly check message buffer size, which leads t ... oval:org.secpod.oval:def:504287 Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fix: * dovecot: ... oval:org.secpod.oval:def:1503040 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89049436 This update for dovecot23 fixes the following issues: Security issues fixed: - CVE-2020-12100: Fixed a resource exhaustion caused by deeply nested MIME parts . - CVE-2020-24386: Fixed an issue with IMAP hibernation that allowed users to access other users" emails . - CVE-2020-25275: Fixed a crash wh ... oval:org.secpod.oval:def:89049534 This update for dovecot23 fixes the following issues: Security issues fixed: - CVE-2020-12100: Fixed a resource exhaustion caused by deeply nested MIME parts . - CVE-2020-12673: Fixed an improper implementation of NTLM that did not check the message buffer size . - CVE-2020-12674: Fixed an improper ... oval:org.secpod.oval:def:1503026 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:97572 [CLSA-2021:1634573745] Fixed CVEs in dovecot: CVE-2020-25275, CVE-2020-12100 |
