11 matches found
RHEL 5 : dovecot (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dovecot: improper NULL byte handling in IMAP and ManageSieve protocol parsers leads to out of bounds writ...
AlmaLinux 8 : dovecot (ALSA-2021:1887)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:1887 advisory. - An issue was discovered in Dovecot before 2.3.13. By using IMAP IDLE, an authenticated attacker can trigger unhibernation via attacker-controlled...
dovecot: IMAP hibernation function allows mail access
An issue was discovered in Dovecot before 2.3.13. By using IMAP IDLE, an authenticated attacker can trigger unhibernation via attacker-controlled parameters, leading to access to other users' email messages and path disclosure...
EulerOS 2.0 SP8 : dovecot (EulerOS-SA-2021-1139)
According to the versions of the dovecot packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Dovecot before 2.3.13. By using IMAP IDLE, an authenticated attacker can trigger unhibernation via attacker-controll...
Fedora 32 : 1:dovecot (2021-c90cb486f7)
The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-c90cb486f7 advisory. - An issue was discovered in Dovecot before 2.3.13. By using IMAP IDLE, an authenticated attacker can trigger unhibernation via attacker-controlled...
DEBIAN-CVE-2020-24386
An issue was discovered in Dovecot before 2.3.13. By using IMAP IDLE, an authenticated attacker can trigger unhibernation via attacker-controlled parameters, leading to access to other users' email messages and path disclosure...
ALPINE-CVE-2020-24386
An issue was discovered in Dovecot before 2.3.13. By using IMAP IDLE, an authenticated attacker can trigger unhibernation via attacker-controlled parameters, leading to access to other users' email messages and path disclosure...
CVE-2020-24386
An issue was discovered in Dovecot before 2.3.13. By using IMAP IDLE, an authenticated attacker can trigger unhibernation via attacker-controlled parameters, leading to access to other users' email messages and path disclosure...
CVE-2020-24386
CVE-2020-24386 affects Dovecot prior to 2.3.13. An authenticated user can abuse IMAP IDLE to trigger unhibernation via attacker-controlled parameters, enabling access to other users’ emails and path disclosure. Multiple connected advisories confirm fixes in downstream distributions (e.g., Dovecot...
CVE-2020-24386
An issue was discovered in Dovecot before 2.3.13. By using IMAP IDLE, an authenticated attacker can trigger unhibernation via attacker-controlled parameters, leading to access to other users' email messages and path disclosure...
UBUNTU-CVE-2020-24386
An issue was discovered in Dovecot before 2.3.13. By using IMAP IDLE, an authenticated attacker can trigger unhibernation via attacker-controlled parameters, leading to access to other users' email messages and path disclosure...