MDVSA-2014:099 -- Mandriva dovecotID: oval:org.secpod.oval:def:1300296 | Date: (C)2014-06-11 (M)2022-10-10 |
Class: PATCH | Family: unix |
A vulnerability has been discovered and corrected in dovecot: Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cause a denial of service via an incomplete SSL/TLS handshake for an IMAP/POP3 connection . The updated packages have been patched to correct this issue.
Platform: |
Mandriva Enterprise Server 5.2 |