Search...

Fedora 19 : dovecot-2.2.13-1.fc19 (2014-6331)

2014-06-18T00:00:00

ID FEDORA_2014-6331.NASL
Type nessus
Reporter This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified 2021-01-11T00:00:00

Description

Fixed a DoS attack against imap/pop3-login processes. If SSL/TLS handshake was started but wasn't finished, the login process attempted to eventually forcibly disconnect the client, but failed to do it correctly. This could have left the connections hanging arond for a long time. (Affected Dovecot v1.1+)

mdbox: Added mdbox_purge_preserve_alt setting to keep the file within alt storage during purge.

fts: Added support for parsing attachments via Apache Tika. Enable with: plugin { fts_tika = http://tikahost:9998/tika/ }

virtual plugin: Delay opening backend mailboxes until it's necessary. This requires mailbox_list_index=yes to work. (Currently IMAP IDLE command still causes all backend mailboxes to be opened.)

mail_never_cache_fields=* means now to disable all caching. This may be a useful optimization as doveadm/dsync parameter for some admin tasks which shouldn't really update the cache file.

IMAP: Return SPECIAL-USE flags always for LSUB command.

pop3 server was still crashing in v2.2.12 with some settings

maildir: Various fixes and improvements to handling compressed mails, especially when they have broken/missing S=sizes in filenames.

fts-lucene, fts-solr: Fixed crash on search when the index contained duplicate entries.

Many fixes and performance improvements to dsync and replication

director was somewhat broken when there were exactly two directors in the ring. It caused errors about 'weak users' getting stuck.

mail_attachment_dir: Attachments with the last base64-encoded line longer than the rest wasn't handled correctly.

IMAP: SEARCH/SORT PARTIAL was handled completely wrong in v2.2.11+

acl: Global ACL file handling was broken when multiple entries matched the mailbox name. (Only the first entry was used.)

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

                                        
                                            #%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Fedora Security Advisory 2014-6331.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(76092);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2014-3430");
  script_bugtraq_id(67306);
  script_xref(name:"FEDORA", value:"2014-6331");

  script_name(english:"Fedora 19 : dovecot-2.2.13-1.fc19 (2014-6331)");
  script_summary(english:"Checks rpm output for the updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Fedora host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"  - Fixed a DoS attack against imap/pop3-login processes. If
    SSL/TLS handshake was started but wasn't finished, the
    login process attempted to eventually forcibly
    disconnect the client, but failed to do it correctly.
    This could have left the connections hanging arond for a
    long time. (Affected Dovecot v1.1+)

  - mdbox: Added mdbox_purge_preserve_alt setting to keep
    the file within alt storage during purge.

  - fts: Added support for parsing attachments via Apache
    Tika. Enable with: plugin { fts_tika =
    http://tikahost:9998/tika/ }

  - virtual plugin: Delay opening backend mailboxes until
    it's necessary. This requires mailbox_list_index=yes to
    work. (Currently IMAP IDLE command still causes all
    backend mailboxes to be opened.)

  - mail_never_cache_fields=* means now to disable all
    caching. This may be a useful optimization as
    doveadm/dsync parameter for some admin tasks which
    shouldn't really update the cache file.

  - IMAP: Return SPECIAL-USE flags always for LSUB command.

  - pop3 server was still crashing in v2.2.12 with some
    settings

  - maildir: Various fixes and improvements to handling
    compressed mails, especially when they have
    broken/missing S=sizes in filenames.

  - fts-lucene, fts-solr: Fixed crash on search when the
    index contained duplicate entries.

  - Many fixes and performance improvements to dsync and
    replication

  - director was somewhat broken when there were exactly two
    directors in the ring. It caused errors about 'weak
    users' getting stuck.

  - mail_attachment_dir: Attachments with the last
    base64-encoded line longer than the rest wasn't handled
    correctly.

  - IMAP: SEARCH/SORT PARTIAL was handled completely wrong
    in v2.2.11+

  - acl: Global ACL file handling was broken when multiple
    entries matched the mailbox name. (Only the first entry
    was used.)

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://tikahost:9998/tika/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=1096402"
  );
  # https://lists.fedoraproject.org/pipermail/package-announce/2014-June/134486.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?09bec11b"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected dovecot package."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:dovecot");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:19");

  script_set_attribute(attribute:"patch_publication_date", value:"2014/05/13");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/18");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Fedora Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" &gt;!&lt; release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^19([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 19.x", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" &gt;!&lt; cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);

flag = 0;
if (rpm_check(release:"FC19", reference:"dovecot-2.2.13-1.fc19")) flag++;


if (flag)
{
  if (report_verbosity &gt; 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "dovecot");
}

JSON Vulners Source

Initial Source

{"id": "FEDORA_2014-6331.NASL", "type": "nessus", "bulletinFamily": "scanner", "title": "Fedora 19 : dovecot-2.2.13-1.fc19 (2014-6331)", "description": "- Fixed a DoS attack against imap/pop3-login processes. If SSL/TLS handshake was started but wasn't finished, the login process attempted to eventually forcibly disconnect the client, but failed to do it correctly.\n This could have left the connections hanging arond for a long time. (Affected Dovecot v1.1+)\n\n - mdbox: Added mdbox_purge_preserve_alt setting to keep the file within alt storage during purge.\n\n - fts: Added support for parsing attachments via Apache Tika. Enable with: plugin { fts_tika = http://tikahost:9998/tika/ }\n\n - virtual plugin: Delay opening backend mailboxes until it's necessary. This requires mailbox_list_index=yes to work. (Currently IMAP IDLE command still causes all backend mailboxes to be opened.)\n\n - mail_never_cache_fields=* means now to disable all caching. This may be a useful optimization as doveadm/dsync parameter for some admin tasks which shouldn't really update the cache file.\n\n - IMAP: Return SPECIAL-USE flags always for LSUB command.\n\n - pop3 server was still crashing in v2.2.12 with some settings\n\n - maildir: Various fixes and improvements to handling compressed mails, especially when they have broken/missing S=sizes in filenames.\n\n - fts-lucene, fts-solr: Fixed crash on search when the index contained duplicate entries.\n\n - Many fixes and performance improvements to dsync and replication\n\n - director was somewhat broken when there were exactly two directors in the ring. It caused errors about 'weak users' getting stuck.\n\n - mail_attachment_dir: Attachments with the last base64-encoded line longer than the rest wasn't handled correctly.\n\n - IMAP: SEARCH/SORT PARTIAL was handled completely wrong in v2.2.11+\n\n - acl: Global ACL file handling was broken when multiple entries matched the mailbox name. (Only the first entry was used.)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2014-06-18T00:00:00", "modified": "2021-01-11T00:00:00", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {}, "cvss3": {"score": null, "vector": null}, "href": "https://www.tenable.com/plugins/nessus/76092", "reporter": "This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://tikahost:9998/tika/", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3430", "https://bugzilla.redhat.com/show_bug.cgi?id=1096402", "http://www.nessus.org/u?09bec11b"], "cvelist": ["CVE-2014-3430"], "immutableFields": [], "lastseen": "2021-08-19T12:50:05", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2014-386"]}, {"type": "centos", "idList": ["CESA-2014:0790"]}, {"type": "cve", "idList": ["CVE-2014-3430"]}, {"type": "debian", "idList": ["DEBIAN:62199F87AF0944DEF76EFE64A3AED01A:DD7A3", "DEBIAN:DSA-2954-1:21F55", "DEBIAN:DSA-2954-1:83C6F", "DEBIAN:E7C0BDAF471AE312832925381FD3A559:53C7F"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2014-3430"]}, {"type": "fedora", "idList": ["FEDORA:19A76600FD68", "FEDORA:2FAAA20DF1", "FEDORA:6514F210CF"]}, {"type": "gentoo", "idList": ["GLSA-201412-03"]}, {"type": "nessus", "idList": ["ALA_ALAS-2014-386.NASL", "CENTOS_RHSA-2014-0790.NASL", "DEBIAN_DSA-2954.NASL", "FEDORA_2014-6338.NASL", "GENTOO_GLSA-201412-03.NASL", "MANDRIVA_MDVSA-2014-099.NASL", "MANDRIVA_MDVSA-2015-113.NASL", "ORACLELINUX_ELSA-2014-0790.NASL", "REDHAT-RHSA-2014-0790.NASL", "SL_20140625_DOVECOT_ON_SL6_X.NASL", "UBUNTU_USN-2213-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310114167", "OPENVAS:1361412562310120408", "OPENVAS:1361412562310121289", "OPENVAS:1361412562310123386", "OPENVAS:1361412562310702954", "OPENVAS:1361412562310841824", "OPENVAS:1361412562310867804", "OPENVAS:1361412562310867906", "OPENVAS:1361412562310869384", "OPENVAS:1361412562310871195", "OPENVAS:1361412562310881957", "OPENVAS:702954"]}, {"type": "oraclelinux", "idList": ["ELSA-2014-0790"]}, {"type": "redhat", "idList": ["RHSA-2014:0790"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:13764"]}, {"type": "ubuntu", "idList": ["USN-2213-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2014-3430"]}], "rev": 4}, "score": {"value": 6.0, "vector": "NONE"}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2014:0790"]}, {"type": "cve", "idList": ["CVE-2014-3430"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2954-1:21F55", "DEBIAN:DSA-2954-1:83C6F"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2014-3430"]}, {"type": "fedora", "idList": ["FEDORA:2FAAA20DF1"]}, {"type": "gentoo", "idList": ["GLSA-201412-03"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2014-0790.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310813197"]}, {"type": "oraclelinux", "idList": ["ELSA-2014-0790"]}, {"type": "redhat", "idList": ["RHSA-2014:0790"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:13764"]}]}, "exploitation": null, "vulnersScore": 6.0}, "pluginID": "76092", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-6331.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76092);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-3430\");\n script_bugtraq_id(67306);\n script_xref(name:\"FEDORA\", value:\"2014-6331\");\n\n script_name(english:\"Fedora 19 : dovecot-2.2.13-1.fc19 (2014-6331)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Fixed a DoS attack against imap/pop3-login processes. If\n SSL/TLS handshake was started but wasn't finished, the\n login process attempted to eventually forcibly\n disconnect the client, but failed to do it correctly.\n This could have left the connections hanging arond for a\n long time. (Affected Dovecot v1.1+)\n\n - mdbox: Added mdbox_purge_preserve_alt setting to keep\n the file within alt storage during purge.\n\n - fts: Added support for parsing attachments via Apache\n Tika. Enable with: plugin { fts_tika =\n http://tikahost:9998/tika/ }\n\n - virtual plugin: Delay opening backend mailboxes until\n it's necessary. This requires mailbox_list_index=yes to\n work. (Currently IMAP IDLE command still causes all\n backend mailboxes to be opened.)\n\n - mail_never_cache_fields=* means now to disable all\n caching. This may be a useful optimization as\n doveadm/dsync parameter for some admin tasks which\n shouldn't really update the cache file.\n\n - IMAP: Return SPECIAL-USE flags always for LSUB command.\n\n - pop3 server was still crashing in v2.2.12 with some\n settings\n\n - maildir: Various fixes and improvements to handling\n compressed mails, especially when they have\n broken/missing S=sizes in filenames.\n\n - fts-lucene, fts-solr: Fixed crash on search when the\n index contained duplicate entries.\n\n - Many fixes and performance improvements to dsync and\n replication\n\n - director was somewhat broken when there were exactly two\n directors in the ring. It caused errors about 'weak\n users' getting stuck.\n\n - mail_attachment_dir: Attachments with the last\n base64-encoded line longer than the rest wasn't handled\n correctly.\n\n - IMAP: SEARCH/SORT PARTIAL was handled completely wrong\n in v2.2.11+\n\n - acl: Global ACL file handling was broken when multiple\n entries matched the mailbox name. (Only the first entry\n was used.)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://tikahost:9998/tika/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1096402\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-June/134486.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?09bec11b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected dovecot package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dovecot\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"dovecot-2.2.13-1.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dovecot\");\n}\n", "naslFamily": "Fedora Local Security Checks", "cpe": ["p-cpe:/a:fedoraproject:fedora:dovecot", "cpe:/o:fedoraproject:fedora:19"], "solution": "Update the affected dovecot package.", "nessusSeverity": "Medium", "cvssScoreSource": "", "vpr": {"risk factor": "Low", "score": "3.6"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2014-05-13T00:00:00", "vulnerabilityPublicationDate": null, "exploitableWith": [], "_state": {"dependencies": 1647589307, "score": 0}}

{"debian": [{"lastseen": "2021-12-03T00:39:08", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2954-1 security@debian.org\nhttp://www.debian.org/security/ Salvatore Bonaccorso\nJune 09, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : dovecot\nCVE ID : CVE-2014-3430\nDebian Bug : 747549\n\nIt was discovered that the Dovecot email server is vulnerable to a\ndenial of service attack against imap/pop3-login processes due to\nincorrect handling of the closure of inactive SSL/TLS connections.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 1:2.1.7-7+deb7u1.\n\nFor the testing distribution (jessie), this problem has been fixed in\nversion 1:2.2.13~rc1-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1:2.2.13~rc1-1.\n\nWe recommend that you upgrade your dovecot packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2014-06-09T18:02:29", "type": "debian", "title": "[SECURITY] [DSA 2954-1] dovecot security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3430"], "modified": "2014-06-09T18:02:29", "id": "DEBIAN:DSA-2954-1:21F55", "href": "https://lists.debian.org/debian-security-announce/2014/msg00134.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-21T23:07:03", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2954-1 security@debian.org\nhttp://www.debian.org/security/ Salvatore Bonaccorso\nJune 09, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : dovecot\nCVE ID : CVE-2014-3430\nDebian Bug : 747549\n\nIt was discovered that the Dovecot email server is vulnerable to a\ndenial of service attack against imap/pop3-login processes due to\nincorrect handling of the closure of inactive SSL/TLS connections.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 1:2.1.7-7+deb7u1.\n\nFor the testing distribution (jessie), this problem has been fixed in\nversion 1:2.2.13~rc1-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1:2.2.13~rc1-1.\n\nWe recommend that you upgrade your dovecot packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2014-06-09T18:02:29", "type": "debian", "title": "[SECURITY] [DSA 2954-1] dovecot security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3430"], "modified": "2014-06-09T18:02:29", "id": "DEBIAN:DSA-2954-1:83C6F", "href": "https://lists.debian.org/debian-security-announce/2014/msg00134.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-23T22:46:14", "description": "Package : dovecot\nVersion : 1:1.2.15-7+deb6u1\nCVE ID : CVE-2014-3430\nDebian Bug : 747549\n\nIt was discovered that the Dovecot email server is vulnerable to a\ndenial of service attack against imap/pop3-login processes due to\nincorrect handling of the closure of inactive SSL/TLS connections.", "cvss3": {}, "published": "2014-06-11T16:55:51", "type": "debian", "title": "dovecot security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3430"], "modified": "2014-06-11T16:55:51", "id": "DEBIAN:E7C0BDAF471AE312832925381FD3A559:53C7F", "href": "https://lists.debian.org/debian-lts-announce/2014/06/msg00003.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-03-27T08:32:40", "description": "Package : dovecot\nVersion : 1:1.2.15-7+deb6u1\nCVE ID : CVE-2014-3430\nDebian Bug : 747549\n\nIt was discovered that the Dovecot email server is vulnerable to a\ndenial of service attack against imap/pop3-login processes due to\nincorrect handling of the closure of inactive SSL/TLS connections.", "cvss3": {}, "published": "2014-06-11T16:55:51", "type": "debian", "title": "dovecot security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3430"], "modified": "2014-06-11T16:55:51", "id": "DEBIAN:E7C0BDAF471AE312832925381FD3A559:DD7A3", "href": "https://lists.debian.org/debian-lts-announce/2014/06/msg00003.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-30T02:22:09", "description": "Package : dovecot\nVersion : 1:1.2.15-7+deb6u1\nCVE ID : CVE-2014-3430\nDebian Bug : 747549\n\nIt was discovered that the Dovecot email server is vulnerable to a\ndenial of service attack against imap/pop3-login processes due to\nincorrect handling of the closure of inactive SSL/TLS connections.\n\n", "cvss3": {}, "published": "2014-06-11T16:56:06", "type": "debian", "title": "dovecot security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3430"], "modified": "2014-06-11T16:56:06", "id": "DEBIAN:62199F87AF0944DEF76EFE64A3AED01A:DD7A3", "href": "https://lists.debian.org/debian-lts-announce/2014/debian-lts-announce-201406/msg00003.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2021-08-19T12:50:27", "description": "A vulnerability has been discovered and corrected in dovecot :\n\nDovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cause a denial of service (resource consumption) via an incomplete SSL/TLS handshake for an IMAP/POP3 connection (CVE-2014-3430).\n\nThe updated packages have been patched to correct this issue.", "cvss3": {"score": null, "vector": null}, "published": "2014-05-19T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : dovecot (MDVSA-2014:099)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3430"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:dovecot", "p-cpe:/a:mandriva:linux:dovecot-devel", "p-cpe:/a:mandriva:linux:dovecot-plugins-gssapi", "p-cpe:/a:mandriva:linux:dovecot-plugins-ldap", "p-cpe:/a:mandriva:linux:dovecot-plugins-managesieve", "p-cpe:/a:mandriva:linux:dovecot-plugins-mysql", "p-cpe:/a:mandriva:linux:dovecot-plugins-pgsql", "p-cpe:/a:mandriva:linux:dovecot-plugins-sieve", "p-cpe:/a:mandriva:linux:dovecot-plugins-sqlite", "cpe:/o:mandriva:business_server:1"], "id": "MANDRIVA_MDVSA-2014-099.NASL", "href": "https://www.tenable.com/plugins/nessus/74077", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2014:099. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74077);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-3430\");\n script_bugtraq_id(67306);\n script_xref(name:\"MDVSA\", value:\"2014:099\");\n\n script_name(english:\"Mandriva Linux Security Advisory : dovecot (MDVSA-2014:099)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability has been discovered and corrected in dovecot :\n\nDovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x\nbefore 2.2.12.12 does not properly close old connections, which allows\nremote attackers to cause a denial of service (resource consumption)\nvia an incomplete SSL/TLS handshake for an IMAP/POP3 connection\n(CVE-2014-3430).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://seclists.org/oss-sec/2014/q2/280\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dovecot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dovecot-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dovecot-plugins-gssapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dovecot-plugins-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dovecot-plugins-managesieve\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dovecot-plugins-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dovecot-plugins-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dovecot-plugins-sieve\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dovecot-plugins-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"dovecot-1.2.17-5.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"dovecot-devel-1.2.17-5.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"dovecot-plugins-gssapi-1.2.17-5.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"dovecot-plugins-ldap-1.2.17-5.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"dovecot-plugins-managesieve-1.2.17-5.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"dovecot-plugins-mysql-1.2.17-5.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"dovecot-plugins-pgsql-1.2.17-5.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"dovecot-plugins-sieve-1.2.17-5.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"dovecot-plugins-sqlite-1.2.17-5.1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-16T01:49:23", "description": "Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cause a denial of service (resource consumption) via an incomplete SSL/TLS handshake for an IMAP/POP3 connection.", "cvss3": {"score": null, "vector": null}, "published": "2014-10-12T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : dovecot (ALAS-2014-386)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3430"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:dovecot", "p-cpe:/a:amazon:linux:dovecot-debuginfo", "p-cpe:/a:amazon:linux:dovecot-devel", "p-cpe:/a:amazon:linux:dovecot-mysql", "p-cpe:/a:amazon:linux:dovecot-pgsql", "p-cpe:/a:amazon:linux:dovecot-pigeonhole", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2014-386.NASL", "href": "https://www.tenable.com/plugins/nessus/78329", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2014-386.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78329);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2014-3430\");\n script_xref(name:\"ALAS\", value:\"2014-386\");\n\n script_name(english:\"Amazon Linux AMI : dovecot (ALAS-2014-386)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x\nbefore 2.2.12.12 does not properly close old connections, which allows\nremote attackers to cause a denial of service (resource consumption)\nvia an incomplete SSL/TLS handshake for an IMAP/POP3 connection.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2014-386.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update dovecot' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dovecot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dovecot-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dovecot-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dovecot-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dovecot-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dovecot-pigeonhole\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"dovecot-2.0.9-7.14.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"dovecot-debuginfo-2.0.9-7.14.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"dovecot-devel-2.0.9-7.14.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"dovecot-mysql-2.0.9-7.14.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"dovecot-pgsql-2.0.9-7.14.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"dovecot-pigeonhole-2.0.9-7.14.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dovecot / dovecot-debuginfo / dovecot-devel / dovecot-mysql / etc\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:49:30", "description": "Updated dovecot packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7.\n\nThe Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nDovecot is an IMAP server, written with security primarily in mind, for Linux and other UNIX-like systems. It also contains a small POP3 server. It supports mail in both the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages.\n\nIt was discovered that Dovecot did not properly discard connections trapped in the SSL/TLS handshake phase. A remote attacker could use this flaw to cause a denial of service on an IMAP/POP3 server by exhausting the pool of available connections and preventing further, legitimate connections to the IMAP/POP3 server to be made.\n(CVE-2014-3430)\n\nAll dovecot users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the dovecot service will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2014-06-26T00:00:00", "type": "nessus", "title": "RHEL 6 / 7 : dovecot (RHSA-2014:0790)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3430"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:dovecot", "p-cpe:/a:redhat:enterprise_linux:dovecot-debuginfo", "p-cpe:/a:redhat:enterprise_linux:dovecot-devel", "p-cpe:/a:redhat:enterprise_linux:dovecot-mysql", "p-cpe:/a:redhat:enterprise_linux:dovecot-pgsql", "p-cpe:/a:redhat:enterprise_linux:dovecot-pigeonhole", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.5", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/o:redhat:enterprise_linux:7.4", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7.6", "cpe:/o:redhat:enterprise_linux:7.7"], "id": "REDHAT-RHSA-2014-0790.NASL", "href": "https://www.tenable.com/plugins/nessus/76244", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0790. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76244);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-3430\");\n script_xref(name:\"RHSA\", value:\"2014:0790\");\n\n script_name(english:\"RHEL 6 / 7 : dovecot (RHSA-2014:0790)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated dovecot packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6 and 7.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nDovecot is an IMAP server, written with security primarily in mind,\nfor Linux and other UNIX-like systems. It also contains a small POP3\nserver. It supports mail in both the maildir or mbox format. The SQL\ndrivers and authentication plug-ins are provided as subpackages.\n\nIt was discovered that Dovecot did not properly discard connections\ntrapped in the SSL/TLS handshake phase. A remote attacker could use\nthis flaw to cause a denial of service on an IMAP/POP3 server by\nexhausting the pool of available connections and preventing further,\nlegitimate connections to the IMAP/POP3 server to be made.\n(CVE-2014-3430)\n\nAll dovecot users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. After\ninstalling the updated packages, the dovecot service will be restarted\nautomatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:0790\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3430\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dovecot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dovecot-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dovecot-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dovecot-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dovecot-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dovecot-pigeonhole\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:0790\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"dovecot-2.0.9-7.el6_5.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"dovecot-debuginfo-2.0.9-7.el6_5.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"dovecot-devel-2.0.9-7.el6_5.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"dovecot-devel-2.0.9-7.el6_5.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"dovecot-devel-2.0.9-7.el6_5.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"dovecot-mysql-2.0.9-7.el6_5.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"dovecot-mysql-2.0.9-7.el6_5.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"dovecot-mysql-2.0.9-7.el6_5.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"dovecot-pgsql-2.0.9-7.el6_5.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"dovecot-pgsql-2.0.9-7.el6_5.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"dovecot-pgsql-2.0.9-7.el6_5.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"dovecot-pigeonhole-2.0.9-7.el6_5.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"dovecot-pigeonhole-2.0.9-7.el6_5.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"dovecot-pigeonhole-2.0.9-7.el6_5.1\")) flag++;\n\n\n if (rpm_check(release:\"RHEL7\", reference:\"dovecot-2.2.10-4.el7_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"dovecot-debuginfo-2.2.10-4.el7_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"dovecot-mysql-2.2.10-4.el7_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"dovecot-mysql-2.2.10-4.el7_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"dovecot-pgsql-2.2.10-4.el7_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"dovecot-pgsql-2.2.10-4.el7_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"dovecot-pigeonhole-2.2.10-4.el7_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"dovecot-pigeonhole-2.2.10-4.el7_0.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dovecot / dovecot-debuginfo / dovecot-devel / dovecot-mysql / etc\");\n }\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:50:26", "description": "- Fixed a DoS attack against imap/pop3-login processes. If SSL/TLS handshake was started but wasn't finished, the login process attempted to eventually forcibly disconnect the client, but failed to do it correctly.\n This could have left the connections hanging arond for a long time. (Affected Dovecot v1.1+)\n\n - mdbox: Added mdbox_purge_preserve_alt setting to keep the file within alt storage during purge.\n\n - fts: Added support for parsing attachments via Apache Tika. Enable with: plugin { fts_tika = http://tikahost:9998/tika/ }\n\n - virtual plugin: Delay opening backend mailboxes until it's necessary. This requires mailbox_list_index=yes to work. (Currently IMAP IDLE command still causes all backend mailboxes to be opened.)\n\n - mail_never_cache_fields=* means now to disable all caching. This may be a useful optimization as doveadm/dsync parameter for some admin tasks which shouldn't really update the cache file.\n\n - IMAP: Return SPECIAL-USE flags always for LSUB command.\n\n - pop3 server was still crashing in v2.2.12 with some settings\n\n - maildir: Various fixes and improvements to handling compressed mails, especially when they have broken/missing S=sizes in filenames.\n\n - fts-lucene, fts-solr: Fixed crash on search when the index contained duplicate entries.\n\n - Many fixes and performance improvements to dsync and replication\n\n - director was somewhat broken when there were exactly two directors in the ring. It caused errors about 'weak users' getting stuck.\n\n - mail_attachment_dir: Attachments with the last base64-encoded line longer than the rest wasn't handled correctly.\n\n - IMAP: SEARCH/SORT PARTIAL was handled completely wrong in v2.2.11+\n\n - acl: Global ACL file handling was broken when multiple entries matched the mailbox name. (Only the first entry was used.)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-05-19T00:00:00", "type": "nessus", "title": "Fedora 20 : dovecot-2.2.13-1.fc20 (2014-6338)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3430"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:dovecot", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2014-6338.NASL", "href": "https://www.tenable.com/plugins/nessus/74048", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-6338.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74048);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-3430\");\n script_bugtraq_id(67306);\n script_xref(name:\"FEDORA\", value:\"2014-6338\");\n\n script_name(english:\"Fedora 20 : dovecot-2.2.13-1.fc20 (2014-6338)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Fixed a DoS attack against imap/pop3-login processes. If\n SSL/TLS handshake was started but wasn't finished, the\n login process attempted to eventually forcibly\n disconnect the client, but failed to do it correctly.\n This could have left the connections hanging arond for a\n long time. (Affected Dovecot v1.1+)\n\n - mdbox: Added mdbox_purge_preserve_alt setting to keep\n the file within alt storage during purge.\n\n - fts: Added support for parsing attachments via Apache\n Tika. Enable with: plugin { fts_tika =\n http://tikahost:9998/tika/ }\n\n - virtual plugin: Delay opening backend mailboxes until\n it's necessary. This requires mailbox_list_index=yes to\n work. (Currently IMAP IDLE command still causes all\n backend mailboxes to be opened.)\n\n - mail_never_cache_fields=* means now to disable all\n caching. This may be a useful optimization as\n doveadm/dsync parameter for some admin tasks which\n shouldn't really update the cache file.\n\n - IMAP: Return SPECIAL-USE flags always for LSUB command.\n\n - pop3 server was still crashing in v2.2.12 with some\n settings\n\n - maildir: Various fixes and improvements to handling\n compressed mails, especially when they have\n broken/missing S=sizes in filenames.\n\n - fts-lucene, fts-solr: Fixed crash on search when the\n index contained duplicate entries.\n\n - Many fixes and performance improvements to dsync and\n replication\n\n - director was somewhat broken when there were exactly two\n directors in the ring. It caused errors about 'weak\n users' getting stuck.\n\n - mail_attachment_dir: Attachments with the last\n base64-encoded line longer than the rest wasn't handled\n correctly.\n\n - IMAP: SEARCH/SORT PARTIAL was handled completely wrong\n in v2.2.11+\n\n - acl: Global ACL file handling was broken when multiple\n entries matched the mailbox name. (Only the first entry\n was used.)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://tikahost:9998/tika/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1096402\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-May/133439.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b6038854\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected dovecot package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dovecot\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"dovecot-2.2.13-1.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dovecot\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:50:03", "description": "Updated dovecot packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7.\n\nThe Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nDovecot is an IMAP server, written with security primarily in mind, for Linux and other UNIX-like systems. It also contains a small POP3 server. It supports mail in both the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages.\n\nIt was discovered that Dovecot did not properly discard connections trapped in the SSL/TLS handshake phase. A remote attacker could use this flaw to cause a denial of service on an IMAP/POP3 server by exhausting the pool of available connections and preventing further, legitimate connections to the IMAP/POP3 server to be made.\n(CVE-2014-3430)\n\nAll dovecot users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the dovecot service will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2014-06-26T00:00:00", "type": "nessus", "title": "CentOS 6 : dovecot (CESA-2014:0790)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3430"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:dovecot", "p-cpe:/a:centos:centos:dovecot-devel", "p-cpe:/a:centos:centos:dovecot-mysql", "p-cpe:/a:centos:centos:dovecot-pgsql", "p-cpe:/a:centos:centos:dovecot-pigeonhole", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2014-0790.NASL", "href": "https://www.tenable.com/plugins/nessus/76218", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0790 and \n# CentOS Errata and Security Advisory 2014:0790 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76218);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2014-3430\");\n script_bugtraq_id(67306);\n script_xref(name:\"RHSA\", value:\"2014:0790\");\n\n script_name(english:\"CentOS 6 : dovecot (CESA-2014:0790)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated dovecot packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6 and 7.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nDovecot is an IMAP server, written with security primarily in mind,\nfor Linux and other UNIX-like systems. It also contains a small POP3\nserver. It supports mail in both the maildir or mbox format. The SQL\ndrivers and authentication plug-ins are provided as subpackages.\n\nIt was discovered that Dovecot did not properly discard connections\ntrapped in the SSL/TLS handshake phase. A remote attacker could use\nthis flaw to cause a denial of service on an IMAP/POP3 server by\nexhausting the pool of available connections and preventing further,\nlegitimate connections to the IMAP/POP3 server to be made.\n(CVE-2014-3430)\n\nAll dovecot users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. After\ninstalling the updated packages, the dovecot service will be restarted\nautomatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2014-June/020388.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?09aa983a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected dovecot packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3430\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:dovecot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:dovecot-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:dovecot-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:dovecot-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:dovecot-pigeonhole\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"dovecot-2.0.9-7.el6_5.1\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"dovecot-devel-2.0.9-7.el6_5.1\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"dovecot-mysql-2.0.9-7.el6_5.1\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"dovecot-pgsql-2.0.9-7.el6_5.1\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"dovecot-pigeonhole-2.0.9-7.el6_5.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dovecot / dovecot-devel / dovecot-mysql / dovecot-pgsql / etc\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:49:32", "description": "It was discovered that the Dovecot email server is vulnerable to a denial of service attack against imap/pop3-login processes due to incorrect handling of the closure of inactive SSL/TLS connections.", "cvss3": {"score": null, "vector": null}, "published": "2014-06-10T00:00:00", "type": "nessus", "title": "Debian DSA-2954-1 : dovecot - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3430"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:dovecot", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-2954.NASL", "href": "https://www.tenable.com/plugins/nessus/74381", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2954. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74381);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-3430\");\n script_bugtraq_id(67306);\n script_xref(name:\"DSA\", value:\"2954\");\n\n script_name(english:\"Debian DSA-2954-1 : dovecot - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the Dovecot email server is vulnerable to a\ndenial of service attack against imap/pop3-login processes due to\nincorrect handling of the closure of inactive SSL/TLS connections.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=747549\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/dovecot\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2014/dsa-2954\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the dovecot packages.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 1:2.1.7-7+deb7u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dovecot\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"dovecot-common\", reference:\"1:2.1.7-7+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"dovecot-core\", reference:\"1:2.1.7-7+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"dovecot-dbg\", reference:\"1:2.1.7-7+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"dovecot-dev\", reference:\"1:2.1.7-7+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"dovecot-gssapi\", reference:\"1:2.1.7-7+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"dovecot-imapd\", reference:\"1:2.1.7-7+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"dovecot-ldap\", reference:\"1:2.1.7-7+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"dovecot-lmtpd\", reference:\"1:2.1.7-7+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"dovecot-managesieved\", reference:\"1:2.1.7-7+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"dovecot-mysql\", reference:\"1:2.1.7-7+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"dovecot-pgsql\", reference:\"1:2.1.7-7+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"dovecot-pop3d\", reference:\"1:2.1.7-7+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"dovecot-sieve\", reference:\"1:2.1.7-7+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"dovecot-solr\", reference:\"1:2.1.7-7+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"dovecot-sqlite\", reference:\"1:2.1.7-7+deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:50:18", "description": "It was discovered that Dovecot incorrectly handled closing inactive SSL/TLS connections. A remote attacker could use this issue to cause Dovecot to stop responding to new connections, resulting in a denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-05-16T00:00:00", "type": "nessus", "title": "Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 / 14.04 LTS : dovecot vulnerability (USN-2213-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3430"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:dovecot-core", "p-cpe:/a:canonical:ubuntu_linux:dovecot-imapd", "p-cpe:/a:canonical:ubuntu_linux:dovecot-pop3d", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:12.10", "cpe:/o:canonical:ubuntu_linux:13.10", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2213-1.NASL", "href": "https://www.tenable.com/plugins/nessus/74034", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2213-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74034);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-3430\");\n script_bugtraq_id(67306);\n script_xref(name:\"USN\", value:\"2213-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 / 14.04 LTS : dovecot vulnerability (USN-2213-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Dovecot incorrectly handled closing inactive\nSSL/TLS connections. A remote attacker could use this issue to cause\nDovecot to stop responding to new connections, resulting in a denial\nof service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2213-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected dovecot-core, dovecot-imapd and / or dovecot-pop3d\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dovecot-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dovecot-imapd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dovecot-pop3d\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:13.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|12\\.04|12\\.10|13\\.10|14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 12.04 / 12.10 / 13.10 / 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"dovecot-imapd\", pkgver:\"1:1.2.9-1ubuntu6.6\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"dovecot-pop3d\", pkgver:\"1:1.2.9-1ubuntu6.6\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"dovecot-core\", pkgver:\"1:2.0.19-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"dovecot-imapd\", pkgver:\"1:2.0.19-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"dovecot-pop3d\", pkgver:\"1:2.0.19-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"dovecot-core\", pkgver:\"1:2.1.7-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"dovecot-imapd\", pkgver:\"1:2.1.7-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"dovecot-pop3d\", pkgver:\"1:2.1.7-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"13.10\", pkgname:\"dovecot-core\", pkgver:\"1:2.1.7-7ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"13.10\", pkgname:\"dovecot-imapd\", pkgver:\"1:2.1.7-7ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"13.10\", pkgname:\"dovecot-pop3d\", pkgver:\"1:2.1.7-7ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"dovecot-core\", pkgver:\"1:2.2.9-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"dovecot-imapd\", pkgver:\"1:2.2.9-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"dovecot-pop3d\", pkgver:\"1:2.2.9-1ubuntu2.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dovecot-core / dovecot-imapd / dovecot-pop3d\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:47:25", "description": "The remote host is affected by the vulnerability described in GLSA-201412-03 (Dovecot: Denial of Service)\n\n Dovecot does not properly close connections, allowing a resource exhaustion for incomplete SSL/TLS handshakes.\n Impact :\n\n A remote attacker could possibly cause a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2014-12-09T00:00:00", "type": "nessus", "title": "GLSA-201412-03 : Dovecot: Denial of Service", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3430"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:dovecot", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201412-03.NASL", "href": "https://www.tenable.com/plugins/nessus/79813", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201412-03.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79813);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-3430\");\n script_bugtraq_id(67306);\n script_xref(name:\"GLSA\", value:\"201412-03\");\n\n script_name(english:\"GLSA-201412-03 : Dovecot: Denial of Service\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201412-03\n(Dovecot: Denial of Service)\n\n Dovecot does not properly close connections, allowing a resource\n exhaustion for incomplete SSL/TLS handshakes.\n \nImpact :\n\n A remote attacker could possibly cause a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201412-03\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Dovecot users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-mail/dovecot-2.2.13'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:dovecot\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-mail/dovecot\", unaffected:make_list(\"ge 2.2.13\"), vulnerable:make_list(\"lt 2.2.13\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Dovecot\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:50:03", "description": "It was discovered that Dovecot did not properly discard connections trapped in the SSL/TLS handshake phase. A remote attacker could use this flaw to cause a denial of service on an IMAP/POP3 server by exhausting the pool of available connections and preventing further, legitimate connections to the IMAP/POP3 server to be made.\n(CVE-2014-3430)\n\nAfter installing the updated packages, the dovecot service will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2014-06-26T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : dovecot on SL6.x i386/srpm/x86_64 (20140625)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3430"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:dovecot", "p-cpe:/a:fermilab:scientific_linux:dovecot-debuginfo", "p-cpe:/a:fermilab:scientific_linux:dovecot-devel", "p-cpe:/a:fermilab:scientific_linux:dovecot-mysql", "p-cpe:/a:fermilab:scientific_linux:dovecot-pgsql", "p-cpe:/a:fermilab:scientific_linux:dovecot-pigeonhole", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20140625_DOVECOT_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/76245", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76245);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-3430\");\n\n script_name(english:\"Scientific Linux Security Update : dovecot on SL6.x i386/srpm/x86_64 (20140625)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Dovecot did not properly discard connections\ntrapped in the SSL/TLS handshake phase. A remote attacker could use\nthis flaw to cause a denial of service on an IMAP/POP3 server by\nexhausting the pool of available connections and preventing further,\nlegitimate connections to the IMAP/POP3 server to be made.\n(CVE-2014-3430)\n\nAfter installing the updated packages, the dovecot service will be\nrestarted automatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1406&L=scientific-linux-errata&T=0&P=2754\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f7629f4e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:dovecot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:dovecot-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:dovecot-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:dovecot-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:dovecot-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:dovecot-pigeonhole\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"dovecot-2.0.9-7.el6_5.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"dovecot-debuginfo-2.0.9-7.el6_5.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"dovecot-devel-2.0.9-7.el6_5.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"dovecot-mysql-2.0.9-7.el6_5.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"dovecot-pgsql-2.0.9-7.el6_5.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"dovecot-pigeonhole-2.0.9-7.el6_5.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dovecot / dovecot-debuginfo / dovecot-devel / dovecot-mysql / etc\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:46:39", "description": "Updated dovecot packages fix security vulnerability.\n\nDovecot before 2.2.13 is vulnerable to a DoS attack against imap/pop3-login processes. If SSL/TLS handshake was started but wasn't finished, the login process attempted to eventually forcibly disconnect the client, but failed to do it correctly. This could have left the connections hanging around for a long time (CVE-2014-3430).", "cvss3": {"score": null, "vector": null}, "published": "2015-03-30T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : dovecot (MDVSA-2015:113)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3430"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:dovecot", "p-cpe:/a:mandriva:linux:dovecot-devel", "p-cpe:/a:mandriva:linux:dovecot-pigeonhole", "p-cpe:/a:mandriva:linux:dovecot-pigeonhole-devel", "p-cpe:/a:mandriva:linux:dovecot-plugins-gssapi", "p-cpe:/a:mandriva:linux:dovecot-plugins-ldap", "p-cpe:/a:mandriva:linux:dovecot-plugins-mysql", "p-cpe:/a:mandriva:linux:dovecot-plugins-pgsql", "p-cpe:/a:mandriva:linux:dovecot-plugins-sqlite", "cpe:/o:mandriva:business_server:2"], "id": "MANDRIVA_MDVSA-2015-113.NASL", "href": "https://www.tenable.com/plugins/nessus/82366", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2015:113. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82366);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-3430\");\n script_xref(name:\"MDVSA\", value:\"2015:113\");\n\n script_name(english:\"Mandriva Linux Security Advisory : dovecot (MDVSA-2015:113)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated dovecot packages fix security vulnerability.\n\nDovecot before 2.2.13 is vulnerable to a DoS attack against\nimap/pop3-login processes. If SSL/TLS handshake was started but wasn't\nfinished, the login process attempted to eventually forcibly\ndisconnect the client, but failed to do it correctly. This could have\nleft the connections hanging around for a long time (CVE-2014-3430).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0223.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dovecot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dovecot-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dovecot-pigeonhole\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dovecot-pigeonhole-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dovecot-plugins-gssapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dovecot-plugins-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dovecot-plugins-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dovecot-plugins-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dovecot-plugins-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"dovecot-2.2.6-3.1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"dovecot-devel-2.2.6-3.1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"dovecot-pigeonhole-2.2.6-3.1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"dovecot-pigeonhole-devel-2.2.6-3.1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"dovecot-plugins-gssapi-2.2.6-3.1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"dovecot-plugins-ldap-2.2.6-3.1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"dovecot-plugins-mysql-2.2.6-3.1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"dovecot-plugins-pgsql-2.2.6-3.1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"dovecot-plugins-sqlite-2.2.6-3.1.mbs2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:49:42", "description": "From Red Hat Security Advisory 2014:0790 :\n\nUpdated dovecot packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7.\n\nThe Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nDovecot is an IMAP server, written with security primarily in mind, for Linux and other UNIX-like systems. It also contains a small POP3 server. It supports mail in both the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages.\n\nIt was discovered that Dovecot did not properly discard connections trapped in the SSL/TLS handshake phase. A remote attacker could use this flaw to cause a denial of service on an IMAP/POP3 server by exhausting the pool of available connections and preventing further, legitimate connections to the IMAP/POP3 server to be made.\n(CVE-2014-3430)\n\nAll dovecot users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the dovecot service will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2014-06-26T00:00:00", "type": "nessus", "title": "Oracle Linux 6 / 7 : dovecot (ELSA-2014-0790)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3430"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:dovecot", "p-cpe:/a:oracle:linux:dovecot-devel", "p-cpe:/a:oracle:linux:dovecot-mysql", "p-cpe:/a:oracle:linux:dovecot-pgsql", "p-cpe:/a:oracle:linux:dovecot-pigeonhole", "cpe:/o:oracle:linux:6", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2014-0790.NASL", "href": "https://www.tenable.com/plugins/nessus/76232", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:0790 and \n# Oracle Linux Security Advisory ELSA-2014-0790 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76232);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-3430\");\n script_bugtraq_id(67306);\n script_xref(name:\"RHSA\", value:\"2014:0790\");\n\n script_name(english:\"Oracle Linux 6 / 7 : dovecot (ELSA-2014-0790)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:0790 :\n\nUpdated dovecot packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6 and 7.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nDovecot is an IMAP server, written with security primarily in mind,\nfor Linux and other UNIX-like systems. It also contains a small POP3\nserver. It supports mail in both the maildir or mbox format. The SQL\ndrivers and authentication plug-ins are provided as subpackages.\n\nIt was discovered that Dovecot did not properly discard connections\ntrapped in the SSL/TLS handshake phase. A remote attacker could use\nthis flaw to cause a denial of service on an IMAP/POP3 server by\nexhausting the pool of available connections and preventing further,\nlegitimate connections to the IMAP/POP3 server to be made.\n(CVE-2014-3430)\n\nAll dovecot users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. After\ninstalling the updated packages, the dovecot service will be restarted\nautomatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-July/004283.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-June/004215.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected dovecot packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dovecot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dovecot-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dovecot-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dovecot-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dovecot-pigeonhole\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6 / 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"dovecot-2.0.9-7.el6_5.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"dovecot-devel-2.0.9-7.el6_5.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"dovecot-mysql-2.0.9-7.el6_5.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"dovecot-pgsql-2.0.9-7.el6_5.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"dovecot-pigeonhole-2.0.9-7.el6_5.1\")) flag++;\n\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"dovecot-2.2.10-4.el7_0.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"dovecot-mysql-2.2.10-4.el7_0.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"dovecot-pgsql-2.2.10-4.el7_0.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"dovecot-pigeonhole-2.2.10-4.el7_0.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dovecot / dovecot-devel / dovecot-mysql / dovecot-pgsql / etc\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:37:28", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-05-19T00:00:00", "type": "openvas", "title": "Ubuntu Update for dovecot USN-2213-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3430"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841824", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841824", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2213_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for dovecot USN-2213-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841824\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-05-19 11:24:54 +0530 (Mon, 19 May 2014)\");\n script_cve_id(\"CVE-2014-3430\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Ubuntu Update for dovecot USN-2213-1\");\n\n script_tag(name:\"affected\", value:\"dovecot on Ubuntu 14.04 LTS,\n Ubuntu 13.10,\n Ubuntu 12.10,\n Ubuntu 12.04 LTS,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"insight\", value:\"It was discovered that Dovecot incorrectly handled closing\ninactive SSL/TLS connections. A remote attacker could use this issue to cause\nDovecot to stop responding to new connections, resulting in a denial of\nservice.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2213-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2213-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'dovecot'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS|10\\.04 LTS|13\\.10|12\\.10)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"dovecot-core\", ver:\"1:2.2.9-1ubuntu2.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dovecot-imapd\", ver:\"1:2.2.9-1ubuntu2.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dovecot-pop3d\", ver:\"1:2.2.9-1ubuntu2.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"dovecot-core\", ver:\"1:2.0.19-0ubuntu2.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dovecot-imapd\", ver:\"1:2.0.19-0ubuntu2.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dovecot-pop3d\", ver:\"1:2.0.19-0ubuntu2.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"dovecot-imapd\", ver:\"1:1.2.9-1ubuntu6.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dovecot-pop3d\", ver:\"1:1.2.9-1ubuntu6.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU13.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"dovecot-core\", ver:\"1:2.1.7-7ubuntu3.1\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dovecot-imapd\", ver:\"1:2.1.7-7ubuntu3.1\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dovecot-pop3d\", ver:\"1:2.1.7-7ubuntu3.1\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"dovecot-core\", ver:\"1:2.1.7-1ubuntu2.1\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dovecot-imapd\", ver:\"1:2.1.7-1ubuntu2.1\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dovecot-pop3d\", ver:\"1:2.1.7-1ubuntu2.1\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:21", "description": "Oracle Linux Local Security Checks ELSA-2014-0790", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2014-0790", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3430"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123386", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-0790.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123386\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:03:07 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-0790\");\n script_tag(name:\"insight\", value:\"ELSA-2014-0790 - dovecot security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-0790\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-0790.html\");\n script_cve_id(\"CVE-2014-3430\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(7|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"dovecot\", rpm:\"dovecot~2.2.10~4.el7_0.1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"dovecot-mysql\", rpm:\"dovecot-mysql~2.2.10~4.el7_0.1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"dovecot-pgsql\", rpm:\"dovecot-pgsql~2.2.10~4.el7_0.1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"dovecot-pigeonhole\", rpm:\"dovecot-pigeonhole~2.2.10~4.el7_0.1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"dovecot\", rpm:\"dovecot~2.0.9~7.el6_5.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"dovecot-devel\", rpm:\"dovecot-devel~2.0.9~7.el6_5.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"dovecot-mysql\", rpm:\"dovecot-mysql~2.0.9~7.el6_5.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"dovecot-pgsql\", rpm:\"dovecot-pgsql~2.0.9~7.el6_5.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"dovecot-pigeonhole\", rpm:\"dovecot-pigeonhole~2.0.9~7.el6_5.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:20", "description": "It was discovered that the Dovecot email server is vulnerable to a\ndenial of service attack against imap/pop3-login processes due to\nincorrect handling of the closure of inactive SSL/TLS connections.", "cvss3": {}, "published": "2014-06-09T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2954-1 (dovecot - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3430"], "modified": "2019-03-19T00:00:00", "id": "OPENVAS:1361412562310702954", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310702954", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2954.nasl 14302 2019-03-19 08:28:48Z cfischer $\n# Auto-generated from advisory DSA 2954-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.702954\");\n script_version(\"$Revision: 14302 $\");\n script_cve_id(\"CVE-2014-3430\");\n script_name(\"Debian Security Advisory DSA 2954-1 (dovecot - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 09:28:48 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-09 00:00:00 +0200 (Mon, 09 Jun 2014)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2014/dsa-2954.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"dovecot on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (wheezy), this problem has been fixed in\nversion 1:2.1.7-7+deb7u1.\n\nFor the testing distribution (jessie), this problem has been fixed in\nversion 1:2.2.13~rc1-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1:2.2.13~rc1-1.\n\nWe recommend that you upgrade your dovecot packages.\");\n script_tag(name:\"summary\", value:\"It was discovered that the Dovecot email server is vulnerable to a\ndenial of service attack against imap/pop3-login processes due to\nincorrect handling of the closure of inactive SSL/TLS connections.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"dovecot-common\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"dovecot-core\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"dovecot-dbg\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"dovecot-dev\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"dovecot-gssapi\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"dovecot-imapd\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"dovecot-ldap\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"dovecot-lmtpd\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"dovecot-managesieved\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"dovecot-mysql\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"dovecot-pgsql\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"dovecot-pop3d\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"dovecot-sieve\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"dovecot-solr\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"dovecot-sqlite\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-03-17T23:00:48", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2014-386)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3430"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120408", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120408", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120408\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:25:39 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2014-386)\");\n script_tag(name:\"insight\", value:\"Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cause a denial of service (resource consumption) via an incomplete SSL/TLS handshake for an IMAP/POP3 connection.\");\n script_tag(name:\"solution\", value:\"Run yum update dovecot to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2014-386.html\");\n script_cve_id(\"CVE-2014-3430\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"dovecot-pigeonhole\", rpm:\"dovecot-pigeonhole~2.0.9~7.14.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dovecot-devel\", rpm:\"dovecot-devel~2.0.9~7.14.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dovecot-debuginfo\", rpm:\"dovecot-debuginfo~2.0.9~7.14.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dovecot\", rpm:\"dovecot~2.0.9~7.14.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dovecot-mysql\", rpm:\"dovecot-mysql~2.0.9~7.14.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dovecot-pgsql\", rpm:\"dovecot-pgsql~2.0.9~7.14.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-08T12:53:55", "description": "Dovecot is prone to a Denial of Service vulnerability.", "cvss3": {}, "published": "2019-12-18T00:00:00", "type": "openvas", "title": "Dovecot 'CVE-2014-3430' DoS Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3430"], "modified": "2020-01-07T00:00:00", "id": "OPENVAS:1361412562310114167", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310114167", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:dovecot:dovecot\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.114167\");\n script_version(\"2020-01-07T12:10:22+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-07 12:10:22 +0000 (Tue, 07 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-12-18 11:20:31 +0100 (Wed, 18 Dec 2019)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_cve_id(\"CVE-2014-3430\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Dovecot 'CVE-2014-3430' DoS Vulnerability\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_dovecot_consolidation.nasl\");\n script_mandatory_keys(\"dovecot/detected\");\n\n script_tag(name:\"summary\", value:\"Dovecot is prone to a Denial of Service vulnerability.\");\n\n script_tag(name:\"insight\", value:\"Dovecot does not properly close old connections, which allows\n remote attackers to cause a Denial of Service (resource consumption) via an incomplete SSL/TLS\n handshake for an IMAP/POP3 connection.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"Dovecot versions between 1.1 and 2.2.13,\n Dovecot-EE before 2.1.7.7 and 2.2.x before 2.2.12.12.\");\n\n script_tag(name:\"solution\", value:\"Update to version 2.2.13 or later. For Dovecot-EE, the fix is also in\n version 2.2.12.12 and 2.1.7.7.\");\n\n script_xref(name:\"URL\", value:\"https://www.openwall.com/lists/oss-security/2014/05/09/4\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(isnull(port = get_app_port(cpe: CPE)))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\n#nb: We can't really differentiate between Dovecot and Dovecot-EE/Pro, so this range will do\nif(version_in_range(version: version, test_version: \"1.1\", test_version2: \"2.2.13\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"2.2.13\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-06-23T00:00:00", "type": "openvas", "title": "Fedora Update for dovecot FEDORA-2014-6331", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3430"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310867906", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867906", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for dovecot FEDORA-2014-6331\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867906\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-23 13:14:48 +0530 (Mon, 23 Jun 2014)\");\n script_cve_id(\"CVE-2014-3430\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for dovecot FEDORA-2014-6331\");\n script_tag(name:\"affected\", value:\"dovecot on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-6331\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-June/134486.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'dovecot'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"dovecot\", rpm:\"dovecot~2.2.13~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:35", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-07-01T00:00:00", "type": "openvas", "title": "RedHat Update for dovecot RHSA-2014:0790-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3430"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871195", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871195", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for dovecot RHSA-2014:0790-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871195\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-01 23:23:58 +0530 (Tue, 01 Jul 2014)\");\n script_cve_id(\"CVE-2014-3430\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"RedHat Update for dovecot RHSA-2014:0790-01\");\n\n\n script_tag(name:\"affected\", value:\"dovecot on Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Server (v. 7),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"insight\", value:\"Dovecot is an IMAP server, written with security primarily in mind, for\nLinux and other UNIX-like systems. It also contains a small POP3 server.\nIt supports mail in both the maildir or mbox format. The SQL drivers and\nauthentication plug-ins are provided as subpackages.\n\nIt was discovered that Dovecot did not properly discard connections trapped\nin the SSL/TLS handshake phase. A remote attacker could use this flaw to\ncause a denial of service on an IMAP/POP3 server by exhausting the pool of\navailable connections and preventing further, legitimate connections to the\nIMAP/POP3 server to be made. (CVE-2014-3430)\n\nAll dovecot users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdated packages, the dovecot service will be restarted automatically.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"RHSA\", value:\"2014:0790-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2014-June/msg00053.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'dovecot'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(7|6)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"dovecot\", rpm:\"dovecot~2.2.10~4.el7_0.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dovecot-debuginfo\", rpm:\"dovecot-debuginfo~2.2.10~4.el7_0.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dovecot-mysql\", rpm:\"dovecot-mysql~2.2.10~4.el7_0.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dovecot-pgsql\", rpm:\"dovecot-pgsql~2.2.10~4.el7_0.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dovecot-pigeonhole\", rpm:\"dovecot-pigeonhole~2.2.10~4.el7_0.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"dovecot\", rpm:\"dovecot~2.0.9~7.el6_5.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dovecot-debuginfo\", rpm:\"dovecot-debuginfo~2.0.9~7.el6_5.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dovecot-mysql\", rpm:\"dovecot-mysql~2.0.9~7.el6_5.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dovecot-pgsql\", rpm:\"dovecot-pgsql~2.0.9~7.el6_5.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dovecot-pigeonhole\", rpm:\"dovecot-pigeonhole~2.0.9~7.el6_5.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-05-19T00:00:00", "type": "openvas", "title": "Fedora Update for dovecot FEDORA-2014-6338", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3430"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310867804", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867804", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for dovecot FEDORA-2014-6338\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867804\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-05-19 11:16:35 +0530 (Mon, 19 May 2014)\");\n script_cve_id(\"CVE-2014-3430\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for dovecot FEDORA-2014-6338\");\n script_tag(name:\"affected\", value:\"dovecot on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-6338\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-May/133439.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'dovecot'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"dovecot\", rpm:\"dovecot~2.2.13~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-08-02T10:49:08", "description": "It was discovered that the Dovecot email server is vulnerable to a\ndenial of service attack against imap/pop3-login processes due to\nincorrect handling of the closure of inactive SSL/TLS connections.", "cvss3": {}, "published": "2014-06-09T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2954-1 (dovecot - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3430"], "modified": "2017-07-18T00:00:00", "id": "OPENVAS:702954", "href": "http://plugins.openvas.org/nasl.php?oid=702954", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2954.nasl 6750 2017-07-18 09:56:47Z teissa $\n# Auto-generated from advisory DSA 2954-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_affected = \"dovecot on Debian Linux\";\ntag_solution = \"For the stable distribution (wheezy), this problem has been fixed in\nversion 1:2.1.7-7+deb7u1.\n\nFor the testing distribution (jessie), this problem has been fixed in\nversion 1:2.2.13~rc1-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1:2.2.13~rc1-1.\n\nWe recommend that you upgrade your dovecot packages.\";\ntag_summary = \"It was discovered that the Dovecot email server is vulnerable to a\ndenial of service attack against imap/pop3-login processes due to\nincorrect handling of the closure of inactive SSL/TLS connections.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(702954);\n script_version(\"$Revision: 6750 $\");\n script_cve_id(\"CVE-2014-3430\");\n script_name(\"Debian Security Advisory DSA 2954-1 (dovecot - security update)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-18 11:56:47 +0200 (Tue, 18 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2014-06-09 00:00:00 +0200 (Mon, 09 Jun 2014)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-2954.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"dovecot-common\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-core\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-dbg\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-dev\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-gssapi\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-imapd\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-ldap\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-lmtpd\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-managesieved\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-mysql\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-pgsql\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-pop3d\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-sieve\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-solr\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-sqlite\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-common\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-core\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-dbg\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-dev\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-gssapi\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-imapd\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-ldap\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-lmtpd\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-managesieved\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-mysql\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-pgsql\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-pop3d\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-sieve\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-solr\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-sqlite\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-common\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-core\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-dbg\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-dev\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-gssapi\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-imapd\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-ldap\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-lmtpd\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-managesieved\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-mysql\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-pgsql\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-pop3d\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-sieve\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-solr\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-sqlite\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-common\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-core\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-dbg\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-dev\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-gssapi\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-imapd\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-ldap\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-lmtpd\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-managesieved\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-mysql\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-pgsql\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-pop3d\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-sieve\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-solr\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dovecot-sqlite\", ver:\"1:2.1.7-7+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:37:19", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-07-01T00:00:00", "type": "openvas", "title": "CentOS Update for dovecot CESA-2014:0790 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3430"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881957", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881957", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for dovecot CESA-2014:0790 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.881957\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-01 19:55:11 +0530 (Tue, 01 Jul 2014)\");\n script_cve_id(\"CVE-2014-3430\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"CentOS Update for dovecot CESA-2014:0790 centos6\");\n\n script_tag(name:\"affected\", value:\"dovecot on CentOS 6\");\n script_tag(name:\"insight\", value:\"Dovecot is an IMAP server, written with security primarily in\nmind, for Linux and other UNIX-like systems. It also contains a small POP3\nserver. It supports mail in both the maildir or mbox format. The SQL drivers\nand authentication plug-ins are provided as subpackages.\n\nIt was discovered that Dovecot did not properly discard connections trapped\nin the SSL/TLS handshake phase. A remote attacker could use this flaw to\ncause a denial of service on an IMAP/POP3 server by exhausting the pool of\navailable connections and preventing further, legitimate connections to the\nIMAP/POP3 server to be made. (CVE-2014-3430)\n\nAll dovecot users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdated packages, the dovecot service will be restarted automatically.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"CESA\", value:\"2014:0790\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2014-June/020388.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'dovecot'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"dovecot\", rpm:\"dovecot~2.0.9~7.el6_5.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dovecot-devel\", rpm:\"dovecot-devel~2.0.9~7.el6_5.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dovecot-mysql\", rpm:\"dovecot-mysql~2.0.9~7.el6_5.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dovecot-pgsql\", rpm:\"dovecot-pgsql~2.0.9~7.el6_5.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dovecot-pigeonhole\", rpm:\"dovecot-pigeonhole~2.0.9~7.el6_5.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:07", "description": "Gentoo Linux Local Security Checks GLSA 201412-03", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201412-03", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3430"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121289", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121289", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201412-03.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121289\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:28:02 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201412-03\");\n script_tag(name:\"insight\", value:\"Dovecot does not properly close connections, allowing a resource exhaustion for incomplete SSL/TLS handshakes.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201412-03\");\n script_cve_id(\"CVE-2014-3430\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201412-03\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"net-mail/dovecot\", unaffected: make_list(\"ge 2.2.13\"), vulnerable: make_list(\"lt 2.2.13\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:34", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-06-09T00:00:00", "type": "openvas", "title": "Fedora Update for dovecot FEDORA-2015-7159", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3430", "CVE-2015-3420"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310869384", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869384", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for dovecot FEDORA-2015-7159\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869384\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-09 10:44:59 +0200 (Tue, 09 Jun 2015)\");\n script_cve_id(\"CVE-2015-3420\", \"CVE-2014-3430\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for dovecot FEDORA-2015-7159\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'dovecot'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"dovecot on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-7159\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-May/158261.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"dovecot\", rpm:\"dovecot~2.2.16~2.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:38:23", "description": "[1:2.0.9-7.1]\n- fix CVE-2014-3430: denial of service through maxxing out SSL connections (#1108001)", "cvss3": {}, "published": "2014-06-25T00:00:00", "type": "oraclelinux", "title": "dovecot security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2014-3430"], "modified": "2014-06-25T00:00:00", "id": "ELSA-2014-0790", "href": "http://linux.oracle.com/errata/ELSA-2014-0790.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "gentoo": [{"lastseen": "2022-01-17T19:07:35", "description": "### Background\n\nDovecot is an open source IMAP and POP3 email server.\n\n### Description\n\nDovecot does not properly close connections, allowing a resource exhaustion for incomplete SSL/TLS handshakes. \n\n### Impact\n\nA remote attacker could possibly cause a Denial of Service condition.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Dovecot users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-mail/dovecot-2.2.13\"", "cvss3": {}, "published": "2014-12-08T00:00:00", "type": "gentoo", "title": "Dovecot: Denial of service", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3430"], "modified": "2014-12-08T00:00:00", "id": "GLSA-201412-03", "href": "https://security.gentoo.org/glsa/201412-03", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2021-10-19T18:40:19", "description": "Dovecot is an IMAP server, written with security primarily in mind, for\nLinux and other UNIX-like systems. It also contains a small POP3 server.\nIt supports mail in both the maildir or mbox format. The SQL drivers and\nauthentication plug-ins are provided as subpackages.\n\nIt was discovered that Dovecot did not properly discard connections trapped\nin the SSL/TLS handshake phase. A remote attacker could use this flaw to\ncause a denial of service on an IMAP/POP3 server by exhausting the pool of\navailable connections and preventing further, legitimate connections to the\nIMAP/POP3 server to be made. (CVE-2014-3430)\n\nAll dovecot users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdated packages, the dovecot service will be restarted automatically.\n", "cvss3": {}, "published": "2014-06-25T00:00:00", "type": "redhat", "title": "(RHSA-2014:0790) Moderate: dovecot security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3430"], "modified": "2018-06-06T16:24:30", "id": "RHSA-2014:0790", "href": "https://access.redhat.com/errata/RHSA-2014:0790", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:52", "description": "Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats. The SQL drivers and authentication plug-ins are in their subpackages. ", "edition": 2, "cvss3": {}, "published": "2014-06-17T23:38:27", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: dovecot-2.2.13-1.fc19", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3430"], "modified": "2014-06-17T23:38:27", "id": "FEDORA:2FAAA20DF1", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:52", "description": "Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats. The SQL drivers and authentication plug-ins are in their subpackages. ", "edition": 2, "cvss3": {}, "published": "2014-05-18T22:56:49", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: dovecot-2.2.13-1.fc20", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3430"], "modified": "2014-05-18T22:56:49", "id": "FEDORA:6514F210CF", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats. The SQL drivers and authentication plug-ins are in their subpackages. ", "edition": 2, "cvss3": {}, "published": "2015-05-19T16:26:41", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: dovecot-2.2.16-2.fc20", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3430", "CVE-2015-3420"], "modified": "2015-05-19T16:26:41", "id": "FEDORA:19A76600FD68", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntucve": [{"lastseen": "2021-11-22T21:51:48", "description": "Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before\n2.2.12.12 does not properly close old connections, which allows remote\nattackers to cause a denial of service (resource consumption) via an\nincomplete SSL/TLS handshake for an IMAP/POP3 connection.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=747549>\n", "cvss3": {}, "published": "2014-05-13T00:00:00", "type": "ubuntucve", "title": "CVE-2014-3430", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3430"], "modified": "2014-05-13T00:00:00", "id": "UB:CVE-2014-3430", "href": "https://ubuntu.com/security/CVE-2014-3430", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "amazon": [{"lastseen": "2021-07-25T19:31:18", "description": "**Issue Overview:**\n\nDovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cause a denial of service (resource consumption) via an incomplete SSL/TLS handshake for an IMAP/POP3 connection.\n\n \n**Affected Packages:** \n\n\ndovecot\n\n \n**Issue Correction:** \nRun _yum update dovecot_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 dovecot-pigeonhole-2.0.9-7.14.amzn1.i686 \n \u00a0\u00a0\u00a0 dovecot-devel-2.0.9-7.14.amzn1.i686 \n \u00a0\u00a0\u00a0 dovecot-debuginfo-2.0.9-7.14.amzn1.i686 \n \u00a0\u00a0\u00a0 dovecot-2.0.9-7.14.amzn1.i686 \n \u00a0\u00a0\u00a0 dovecot-mysql-2.0.9-7.14.amzn1.i686 \n \u00a0\u00a0\u00a0 dovecot-pgsql-2.0.9-7.14.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 dovecot-2.0.9-7.14.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 dovecot-debuginfo-2.0.9-7.14.amzn1.x86_64 \n \u00a0\u00a0\u00a0 dovecot-pigeonhole-2.0.9-7.14.amzn1.x86_64 \n \u00a0\u00a0\u00a0 dovecot-devel-2.0.9-7.14.amzn1.x86_64 \n \u00a0\u00a0\u00a0 dovecot-pgsql-2.0.9-7.14.amzn1.x86_64 \n \u00a0\u00a0\u00a0 dovecot-mysql-2.0.9-7.14.amzn1.x86_64 \n \u00a0\u00a0\u00a0 dovecot-2.0.9-7.14.amzn1.x86_64 \n \n \n", "edition": 2, "cvss3": {}, "published": "2014-07-23T14:09:00", "type": "amazon", "title": "Medium: dovecot", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3430"], "modified": "2014-09-19T11:39:00", "id": "ALAS-2014-386", "href": "https://alas.aws.amazon.com/ALAS-2014-386.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "Updated dovecot packages fix security vulnerability. Dovecot before 2.2.13 is vulnerable to a DoS attack against imap/pop3-login processes. If SSL/TLS handshake was started but wasn't finished, the login process attempted to eventually forcibly disconnect the client, but failed to do it correctly. This could have left the connections hanging around for a long time (CVE-2014-3430). \n", "cvss3": {}, "published": "2014-05-17T00:38:24", "type": "mageia", "title": "Updated dovecot packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3430"], "modified": "2014-05-17T00:38:24", "id": "MGASA-2014-0223", "href": "https://advisories.mageia.org/MGASA-2014-0223.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "centos": [{"lastseen": "2022-02-27T11:54:02", "description": "**CentOS Errata and Security Advisory** CESA-2014:0790\n\n\nDovecot is an IMAP server, written with security primarily in mind, for\nLinux and other UNIX-like systems. It also contains a small POP3 server.\nIt supports mail in both the maildir or mbox format. The SQL drivers and\nauthentication plug-ins are provided as subpackages.\n\nIt was discovered that Dovecot did not properly discard connections trapped\nin the SSL/TLS handshake phase. A remote attacker could use this flaw to\ncause a denial of service on an IMAP/POP3 server by exhausting the pool of\navailable connections and preventing further, legitimate connections to the\nIMAP/POP3 server to be made. (CVE-2014-3430)\n\nAll dovecot users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdated packages, the dovecot service will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2014-June/057307.html\n\n**Affected packages:**\ndovecot\ndovecot-devel\ndovecot-mysql\ndovecot-pgsql\ndovecot-pigeonhole\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2014:0790", "cvss3": {}, "published": "2014-06-25T19:00:49", "type": "centos", "title": "dovecot security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3430"], "modified": "2014-06-25T19:00:49", "id": "CESA-2014:0790", "href": "https://lists.centos.org/pipermail/centos-announce/2014-June/057307.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debiancve": [{"lastseen": "2022-03-11T23:33:01", "description": "Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cause a denial of service (resource consumption) via an incomplete SSL/TLS handshake for an IMAP/POP3 connection.", "cvss3": {}, "published": "2014-05-14T19:55:00", "type": "debiancve", "title": "CVE-2014-3430", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3430"], "modified": "2014-05-14T19:55:00", "id": "DEBIANCVE:CVE-2014-3430", "href": "https://security-tracker.debian.org/tracker/CVE-2014-3430", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntu": [{"lastseen": "2022-01-04T12:51:25", "description": "It was discovered that Dovecot incorrectly handled closing inactive SSL/TLS \nconnections. A remote attacker could use this issue to cause Dovecot to \nstop responding to new connections, resulting in a denial of service.\n", "cvss3": {}, "published": "2014-05-15T00:00:00", "type": "ubuntu", "title": "Dovecot vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3430"], "modified": "2014-05-15T00:00:00", "id": "USN-2213-1", "href": "https://ubuntu.com/security/notices/USN-2213-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2022-03-23T12:53:59", "description": "Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cause a denial of service (resource consumption) via an incomplete SSL/TLS handshake for an IMAP/POP3 connection.", "cvss3": {}, "published": "2014-05-14T19:55:00", "type": "cve", "title": "CVE-2014-3430", "cwe": ["CWE-287"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3430"], "modified": "2017-12-29T02:29:00", "cpe": ["cpe:/a:dovecot:dovecot:2.0.6", "cpe:/a:dovecot:dovecot:1.2.10", "cpe:/a:dovecot:dovecot:1.1.6", "cpe:/a:dovecot:dovecot:2.0.2", "cpe:/a:dovecot:dovecot:2.2.13", "cpe:/a:dovecot:dovecot:1.1.2", "cpe:/a:dovecot:dovecot:2.1", "cpe:/a:dovecot:dovecot:2.2.5", "cpe:/a:dovecot:dovecot:2.1.2", "cpe:/a:dovecot:dovecot:2.0.1", "cpe:/a:dovecot:dovecot:2.2.6", "cpe:/a:dovecot:dovecot:1.1.3", "cpe:/a:dovecot:dovecot:1.2.13", "cpe:/a:dovecot:dovecot:1.2.3", "cpe:/a:dovecot:dovecot:2.1.3", "cpe:/a:dovecot:dovecot:1.1.1", "cpe:/a:dovecot:dovecot:1.1.5", "cpe:/a:dovecot:dovecot:2.1.6", "cpe:/a:dovecot:dovecot:2.1.0", "cpe:/a:dovecot:dovecot:2.2.3", "cpe:/a:dovecot:dovecot:2.0.4", "cpe:/a:dovecot:dovecot:1.2.7", "cpe:/a:dovecot:dovecot:2.2.9", "cpe:/a:dovecot:dovecot:1.2.14", "cpe:/a:dovecot:dovecot:2.0.14", "cpe:/a:dovecot:dovecot:2.2.10", "cpe:/a:dovecot:dovecot:2.0.7", "cpe:/a:dovecot:dovecot:1.1", "cpe:/a:dovecot:dovecot:2.1.5", "cpe:/a:dovecot:dovecot:1.2.11", "cpe:/a:dovecot:dovecot:1.2.4", "cpe:/a:dovecot:dovecot:2.2.2", "cpe:/a:dovecot:dovecot:2.1.8", "cpe:/a:dovecot:dovecot:1.2.1", "cpe:/a:dovecot:dovecot:1.2.9", "cpe:/a:dovecot:dovecot:2.2.1", "cpe:/a:dovecot:dovecot:2.1.1", "cpe:/a:dovecot:dovecot:2.1.14", "cpe:/a:dovecot:dovecot:1.2.12", "cpe:/a:dovecot:dovecot:2.0.13", "cpe:/a:dovecot:dovecot:1.2.15", "cpe:/a:dovecot:dovecot:2.0.11", "cpe:/a:dovecot:dovecot:2.2.7", "cpe:/a:dovecot:dovecot:1.2.0", "cpe:/a:dovecot:dovecot:2.1.4", "cpe:/a:dovecot:dovecot:2.0.12", "cpe:/a:dovecot:dovecot:2.2.0", "cpe:/a:dovecot:dovecot:2.0.5", "cpe:/a:dovecot:dovecot:1.2.5", "cpe:/a:dovecot:dovecot:2.1.7", "cpe:/a:dovecot:dovecot:1.1.0", "cpe:/a:dovecot:dovecot:1.2.2", "cpe:/a:dovecot:dovecot:2.0.15", "cpe:/a:dovecot:dovecot:2.2", "cpe:/a:dovecot:dovecot:2.1.11", "cpe:/a:dovecot:dovecot:1.2.8", "cpe:/a:dovecot:dovecot:2.1.13", "cpe:/a:dovecot:dovecot:1.1.4", "cpe:/a:dovecot:dovecot:2.0", "cpe:/a:dovecot:dovecot:2.1.10", "cpe:/a:dovecot:dovecot:2.0.0", "cpe:/a:dovecot:dovecot:2.1.15", "cpe:/a:dovecot:dovecot:2.0.3", "cpe:/a:dovecot:dovecot:2.0.10", "cpe:/a:dovecot:dovecot:2.2.8", "cpe:/a:dovecot:dovecot:2.0.9", "cpe:/a:dovecot:dovecot:2.1.12", "cpe:/a:dovecot:dovecot:2.0.8", "cpe:/a:dovecot:dovecot:2.2.4", "cpe:/a:dovecot:dovecot:1.2.6"], "id": "CVE-2014-3430", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3430", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:dovecot:dovecot:2.1:rc5:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:1.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.1:rc3:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:1.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:1.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:1.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:1.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:1.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:1.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.2:rc3:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:1.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:1.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:1.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:1.2.14:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.2.13:rc1:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.2:rc6:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:1.2.15:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.2:rc5:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.2:rc7:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.2:rc4:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.1:rc6:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.1:rc7:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:1.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:1.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:1.2.13:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:dovecot:dovecot:2.0.11:*:*:*:*:*:*:*"]}], "securityvulns": [{"lastseen": "2021-06-08T18:49:20", "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "edition": 2, "cvss3": {}, "published": "2014-05-10T00:00:00", "title": "Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-3430", "CVE-2014-2989", "CVE-2014-3243", "CVE-2014-2301", "CVE-2014-0130", "CVE-2014-3242", "CVE-2014-2665", "CVE-2014-2689", "CVE-2014-3146", "CVE-2014-3225"], "modified": "2014-05-10T00:00:00", "id": "SECURITYVULNS:VULN:13764", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13764", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}