11 matches found
SUSE: Security Advisory (SUSE-SU-2017:1250-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Dovecot User Authentication Denial of Service Vulnerability
Dovecot is prone to a Denial of Service vulnerability within the user authentication. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2017-2669
Dovecot before version 2.2.29 is vulnerable to a denial of service. When 'dict' passdb and userdb were used for user authentication, the username sent by the IMAP/POP3 client was sent through varexpand to perform %variable expansion. Sending specially crafted %variable fields could result in...
CVE-2017-2669
CVE-2017-2669 affects Dovecot before 2.2.29.1. When dict passdb/userdb is used, a crafted username may cause DoS by double-expanding %variables via var_expand(), leading to excessive memory or CPU usage. Public fixes exist: upgrading to Dovecot 2.2.29.1 (or later, e.g., 2.2.30.x per distributors)...
SUSE SLES12 Security Update : dovecot22 (SUSE-SU-2017:1250-1)
This update for dovecot22 to version 2.2.29.1 fixes the following issues: This security issue was fixed : - CVE-2017-2669: Don't double-expand %variables in keys. If dict was used as the authentication passdb, using specially crafted %variables in the username could be used to cause DoS bsc103224...
SUSE-SU-2017:1250-1 Security update for dovecot22
This update for dovecot22 to version 2.2.29.1 fixes the following issues: This security issue was fixed: - CVE-2017-2669: Don't double-expand %variables in keys. If dict was used as the authentication passdb, using specially crafted %variables in the username could be used to cause DoS bsc1032248...
Fedora Update for dovecot FEDORA-2017-da4ed58fd5
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[ASA-201705-1] dovecot: denial of service
Arch Linux Security Advisory ASA-201705-1 ========================================= Severity: Medium Date : 2017-05-01 CVE-ID : CVE-2017-2669 Package : dovecot Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-238 Summary ======= The package dovecot before version...
Ubuntu: Security Advisory (USN-3258-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 3828-1] dovecot security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3828-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 10, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3828-1] dovecot security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3828-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 10, 2017 https://www.debian.org/security/faq -...