Lucene search
K

22 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2017-15130

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A denial of service flaw was found in dovecot before 2.2.34. An attacker able to generate random SNI server names could exploit TLS SNI configuration lookups,...

5.9CVSS6.4AI score0.02643EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.25 views

Mageia: Security Advisory (MGASA-2018-0160)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS6.5AI score0.17572EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2018:2632-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.9AI score0.02643EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2018:2632-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.9AI score0.02643EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.27 views

Huawei EulerOS: Security Advisory for dovecot (EulerOS-SA-2019-2571)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS6.5AI score0.17572EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/11/12 12:0 a.m.41 views

EulerOS 2.0 SP5 : dovecot (EulerOS-SA-2019-2138)

According to the versions of the dovecot packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Dovecot before 2.2.36.4 and 2.3.x before 2.3.7.2 and Pigeonhole before 0.5.7.2, protocol processing can fail for quoted strings. This occurs...

9.8CVSS7.1AI score0.62579EPSS
Exploits1References4
OSV
OSV
added 2018/10/18 12:50 p.m.6 views

SUSE-SU-2018:2632-2 Security update for dovecot22

This update for dovecot22 fixes the following issues: Security issue fixed: - CVE-2017-15130: Fixed a potential denial of service via TLS SNI config lookups, which would slow the process down and could have led to exhaustive memory allocation and/or process restarts bsc1082828...

5.9CVSS6.2AI score0.02643EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2018/09/07 12:8 a.m.88 views

Security update for dovecot22 (important)

This update for dovecot22 fixes the following issues: Security issue fixed: - CVE-2017-15130: Fixed a potential denial of service via TLS SNI config lookups, which would slow the process down and could have led to exhaustive memory allocation and/or process restarts bsc1082828 This update was...

4.3CVSS2.2AI score0.02643EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/09/07 12:0 a.m.31 views

openSUSE Security Update : dovecot22 (openSUSE-2018-973)

This update for dovecot22 fixes the following issues : Security issue fixed : - CVE-2017-15130: Fixed a potential denial of service via TLS SNI config lookups, which would slow the process down and could have led to exhaustive memory allocation and/or process restarts bsc1082828 This update was...

5.9CVSS6.6AI score0.02643EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/09/07 12:0 a.m.30 views

SUSE SLES12 Security Update : dovecot22 (SUSE-SU-2018:2632-1)

This update for dovecot22 fixes the following issues : Security issue fixed : CVE-2017-15130: Fixed a potential denial of service via TLS SNI config lookups, which would slow the process down and could have led to exhaustive memory allocation and/or process restarts bsc1082828 Note that Tenable...

5.9CVSS6.6AI score0.02643EPSS
Exploits0References4
OSV
OSV
added 2018/09/06 5:43 a.m.5 views

SUSE-SU-2018:2632-1 Security update for dovecot22

This update for dovecot22 fixes the following issues: Security issue fixed: - CVE-2017-15130: Fixed a potential denial of service via TLS SNI config lookups, which would slow the process down and could have led to exhaustive memory allocation and/or process restarts bsc1082828...

5.9CVSS6.2AI score0.02643EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/04/02 12:0 a.m.33 views

Debian DLA-1333-1 : dovecot security update

Several vulnerabilities have been discovered in the Dovecot email server. The Common Vulnerabilities and Exposures project identifies the following issues : CVE-2017-14461 Aleksandar Nikolic of Cisco Talos and 'flxflndy' discovered that Dovecot does not properly parse invalid email addresses, whi...

7.5CVSS6.6AI score0.17572EPSS
Exploits0References5
Mageia
Mageia
added 2018/03/07 8:37 p.m.42 views

Updated dovecot packages fix security vulnerabilities

Dovecot has been updated to version 2.2.34 to fix two security issues. CVE-2017-14461: This vulnerability comes in two flavors. A malicious party can send a specially crafted email to a vulnerable system, causing it to crash dovecot. In some systems, the mail can be stored into the mail system,...

7.1CVSS3AI score0.17572EPSS
Exploits0References3
ArchLinux
ArchLinux
added 2018/03/06 12:0 a.m.35 views

[ASA-201803-7] dovecot: multiple issues

Arch Linux Security Advisory ASA-201803-7 ========================================= Severity: High Date : 2018-03-06 CVE-ID : CVE-2017-14461 CVE-2017-15130 CVE-2017-15132 Package : dovecot Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-645 Summary ======= The packag...

7.5CVSS0.3AI score0.17572EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2018/03/06 12:0 a.m.33 views

Ubuntu 14.04 LTS / 16.04 LTS : Dovecot vulnerabilities (USN-3587-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3587-1 advisory. It was discovered that Dovecot incorrectly handled parsing certain email addresses. A remote attacker could use this issue to cause Dovecot t...

7.1CVSS6.8AI score0.17572EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2018/03/05 12:43 p.m.53 views

USN-3587-1: Dovecot vulnerabilities

It was discovered that Dovecot incorrectly handled parsing certain email addresses. A remote attacker could use this issue to cause Dovecot to crash, resulting in a denial of service, or possibly obtain sensitive information. CVE-2017-14461 It was discovered that Dovecot incorrectly handled TLS S...

7.1CVSS6.8AI score0.17572EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/03/05 12:0 a.m.42 views

Debian DSA-4130-1 : dovecot - security update

Several vulnerabilities have been discovered in the Dovecot email server. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2017-14461 Aleksandar Nikolic of Cisco Talos and 'flxflndy' discovered that Dovecot does not properly parse invalid email addresses,...

7.5CVSS6.5AI score0.17572EPSS
Exploits0References13
Debian
Debian
added 2018/03/02 10:28 p.m.23 views

[SECURITY] [DSA 4130-1] dovecot security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4130-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 02, 2018 https://www.debian.org/security/faq -...

7.5CVSS7.7AI score0.17572EPSS
Exploits0
Debian
Debian
added 2018/03/02 10:28 p.m.35 views

[SECURITY] [DSA 4130-1] dovecot security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4130-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 02, 2018 https://www.debian.org/security/faq -...

5.5CVSS2.1AI score0.17572EPSS
Exploits0
CVE
CVE
added 2018/03/02 3:0 p.m.138 views

CVE-2017-15130

CVE-2017-15130 affects Dovecot; a denial-of-service via TLS SNI config lookups occurs when an attacker can generate random SNI server names, causing excessive memory usage and possible restart. Affected are Dovecot versions before 2.2.34. Several advisories/plugins (SUSE/OpenSUSE, EulerOS, Debian...

5.9CVSS5.8AI score0.02643EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder