Lucene search
K

19 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:39 a.m.3 views

SUSE CVE-2017-14461

A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive information disclosure and denial of service. In order to trigger this vulnerability, an attacker needs to send a specially crafted email message to the...

7.5CVSS6.4AI score0.17572EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.25 views

Mageia: Security Advisory (MGASA-2018-0160)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS6.5AI score0.17572EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.27 views

Huawei EulerOS: Security Advisory for dovecot (EulerOS-SA-2019-2571)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS6.5AI score0.17572EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/11/12 12:0 a.m.41 views

EulerOS 2.0 SP5 : dovecot (EulerOS-SA-2019-2138)

According to the versions of the dovecot packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Dovecot before 2.2.36.4 and 2.3.x before 2.3.7.2 and Pigeonhole before 0.5.7.2, protocol processing can fail for quoted strings. This occurs...

9.8CVSS7.1AI score0.62579EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2018/05/03 12:0 a.m.22 views

openSUSE Security Update : dovecot22 (openSUSE-2018-414)

This update for dovecot22 fixes the following issues : - CVE-2017-14461: dovecot22: rfc822parsedomain Information Leak Vulnerability bsc1082826 This update was imported from the SUSE:SLE-12:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packag...

7.1CVSS6.7AI score0.17572EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/05/03 12:0 a.m.27 views

SUSE SLES12 Security Update : dovecot22 (SUSE-SU-2018:1125-1)

This update for dovecot22 fixes the following issues : - CVE-2017-14461: dovecot22: rfc822parsedomain bsc1082826 Information Leak Vulnerability Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to...

7.1CVSS6.8AI score0.17572EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/04/02 12:0 a.m.33 views

Debian DLA-1333-1 : dovecot security update

Several vulnerabilities have been discovered in the Dovecot email server. The Common Vulnerabilities and Exposures project identifies the following issues : CVE-2017-14461 Aleksandar Nikolic of Cisco Talos and 'flxflndy' discovered that Dovecot does not properly parse invalid email addresses, whi...

7.5CVSS6.6AI score0.17572EPSS
Exploits0References5
Mageia
Mageia
added 2018/03/07 8:37 p.m.42 views

Updated dovecot packages fix security vulnerabilities

Dovecot has been updated to version 2.2.34 to fix two security issues. CVE-2017-14461: This vulnerability comes in two flavors. A malicious party can send a specially crafted email to a vulnerable system, causing it to crash dovecot. In some systems, the mail can be stored into the mail system,...

7.1CVSS3AI score0.17572EPSS
Exploits0References3
ArchLinux
ArchLinux
added 2018/03/06 12:0 a.m.33 views

[ASA-201803-7] dovecot: multiple issues

Arch Linux Security Advisory ASA-201803-7 ========================================= Severity: High Date : 2018-03-06 CVE-ID : CVE-2017-14461 CVE-2017-15130 CVE-2017-15132 Package : dovecot Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-645 Summary ======= The packag...

7.5CVSS0.3AI score0.17572EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2018/03/06 12:0 a.m.33 views

Ubuntu 14.04 LTS / 16.04 LTS : Dovecot vulnerabilities (USN-3587-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3587-1 advisory. It was discovered that Dovecot incorrectly handled parsing certain email addresses. A remote attacker could use this issue to cause Dovecot t...

7.1CVSS6.8AI score0.17572EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2018/03/05 12:43 p.m.53 views

USN-3587-1: Dovecot vulnerabilities

It was discovered that Dovecot incorrectly handled parsing certain email addresses. A remote attacker could use this issue to cause Dovecot to crash, resulting in a denial of service, or possibly obtain sensitive information. CVE-2017-14461 It was discovered that Dovecot incorrectly handled TLS S...

7.1CVSS6.8AI score0.17572EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/03/05 12:0 a.m.42 views

Debian DSA-4130-1 : dovecot - security update

Several vulnerabilities have been discovered in the Dovecot email server. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2017-14461 Aleksandar Nikolic of Cisco Talos and 'flxflndy' discovered that Dovecot does not properly parse invalid email addresses,...

7.5CVSS6.5AI score0.17572EPSS
Exploits0References13
Debian
Debian
added 2018/03/02 10:28 p.m.23 views

[SECURITY] [DSA 4130-1] dovecot security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4130-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 02, 2018 https://www.debian.org/security/faq -...

7.5CVSS7.7AI score0.17572EPSS
Exploits0
Debian
Debian
added 2018/03/02 10:28 p.m.29 views

[SECURITY] [DSA 4130-1] dovecot security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4130-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 02, 2018 https://www.debian.org/security/faq -...

5.5CVSS2.1AI score0.17572EPSS
Exploits0
OSV
OSV
added 2018/03/02 3:29 p.m.25 views

CVE-2017-14461

A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive information disclosure and denial of service. In order to trigger this vulnerability, an attacker needs to send a specially crafted email message to the...

7.1CVSS6.8AI score
Exploits0References7
OSV
OSV
added 2018/03/02 3:29 p.m.2 views

ALPINE-CVE-2017-14461

A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive information disclosure and denial of service. In order to trigger this vulnerability, an attacker needs to send a specially crafted email message to the...

7.1CVSS6.4AI score0.17572EPSS
Exploits0References1
CVE
CVE
added 2018/03/02 3:0 p.m.161 views

CVE-2017-14461

CVE-2017-14461 affects Dovecot when a specially crafted email delivered over SMTP to a server is parsed by Dovecot, triggering an out-of-bounds read that can disclose sensitive information or cause a denial of service. The issue stems from improper handling of certain emails and has been addresse...

7.1CVSS6.6AI score0.17572EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2018/03/02 3:0 p.m.31 views

CVE-2017-14461

A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive information disclosure and denial of service. In order to trigger this vulnerability, an attacker needs to send a specially crafted email message to the...

7.1CVSS6.3AI score0.17572EPSS
Exploits0
OpenVAS
OpenVAS
added 2018/03/01 12:0 a.m.48 views

Debian: Security Advisory (DSA-4130-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.17572EPSS
Exploits0References4
Rows per page
Query Builder