32 matches found
MiracleLinux 8 : dovecot-2.3.8-4.el8 (AXSA:2021-1195:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1195:01 advisory. dovecot: command followed by sufficient number of newlines leads to use-after-free CVE-2020-10958 dovecot: sending mail with empty quoted localpart...
AlmaLinux 8 : dovecot (ALSA-2020:4763)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:4763 advisory. - In Dovecot before 2.3.10.1, a crafted SMTP/LMTP message triggers an unauthenticated use-after-free bug in submission-login, submission, or lmtp, and can...
SUSE: Security Advisory (SUSE-SU-2020:1379-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 8 : dovecot (CESA-2020:4763)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4763 advisory. - dovecot: command followed by sufficient number of newlines leads to use-after-free CVE-2020-10958 - dovecot: sending mail with empty quoted localpart...
dovecot security update
1:2.3.8-4 - fix CVE-2020-12100 resource exhaustion via deeply nested MIME parts 1866756 - fix CVE-2020-12673 out of bound reads in dovecot NTLM implementation 1866761 - fix CVE-2020-12674 crash due to assert in RPA implementation 1866768 1:2.3.8-3 - fix CVE-2020-10957 dovecot: malformed NOOP...
Moderate: Red Hat Security Advisory: dovecot security update
An update for dovecot is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
ALSA-2020:4763 Moderate: dovecot security update
Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fixes: doveco...
Moderate: dovecot security update
Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fixes: doveco...
Fedora: Security Advisory for dovecot (FEDORA-2020-b8ebc4201e)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 31 : 1:dovecot (2020-cd8b8f887b)
CVE-2020-12100: Parsing mails with a large number of MIME parts could have resulted in excessive CPU usage or a crash due to running out of stack memory. CVE-2020-12673: Dovecot's NTLM implementation does not correctly check message buffer size, which leads to reading past allocation which can le...
Fedora: Security Advisory for dovecot (FEDORA-2020-cd8b8f887b)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Huawei EulerOS: Security Advisory for dovecot (EulerOS-SA-2020-1843)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15 Security Update : dovecot23 (SUSE-SU-2020:1380-1)
This update for dovecot23 to 2.3.10 fixes the following issues : Security issues fixed : CVE-2020-10957: Fixed a crash caused by malformed NOOP commands bsc1171457. CVE-2020-10958: Fixed a use-after-free when receiving too many newlines bsc1171458. CVE-2020-10967: Fixed a crash in the lmtp and...
SUSE SLES15 Security Update : dovecot23 (SUSE-SU-2020:1379-1)
This update for dovecot23 fixes the following issues : Security issues fixed : CVE-2020-10957: Fixed a crash caused by malformed NOOP commands bsc1171457. CVE-2020-10958: Fixed a use-after-free when receiving too many newlines bsc1171458. CVE-2020-10967: Fixed a crash in the lmtp and submission...
Dovecot Denial of Service (CVE-2020-10967)
A denial-of-service vulnerability exists in Dovecot. Successful exploitation of this vulnerability could cause a denial-of-service condition...
openSUSE Security Update : dovecot23 (openSUSE-2020-720)
This update for dovecot23 to 2.3.10 fixes the following issues : Security issues fixed : - CVE-2020-10957: Fixed a crash caused by malformed NOOP commands bsc1171457. - CVE-2020-10958: Fixed a use-after-free when receiving too many newlines bsc1171458. - CVE-2020-10967: Fixed a crash in the lmtp...
Fedora 31 : 1:dovecot (2020-b60344c987)
CVE-2020-10957: lmtp/submission: A client can crash the server by sending a NOOP command with an invalid string parameter. This occurs particularly for a parameter that doesn't start with a double quote. This applies to all SMTP services, including submission-login, which makes it possible to...
openSUSE: Security Advisory for dovecot23 (openSUSE-SU-2020:0720-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2020:0720-1 Security update for dovecot23
This update for dovecot23 to 2.3.10 fixes the following issues: Security issues fixed: - CVE-2020-10957: Fixed a crash caused by malformed NOOP commands bsc1171457. - CVE-2020-10958: Fixed a use-after-free when receiving too many newlines bsc1171458. - CVE-2020-10967: Fixed a crash in the lmtp an...
Security update for dovecot23 (important)
openSUSE Security Update: Security update for dovecot23 Announcement ID: openSUSE-SU-2020:0720-1 Rating: important References: 1171456 1171457 1171458 Cross-References: CVE-2020-10957 CVE-2020-10958 CVE-2020-10967 Affected Products: openSUSE Leap 15.1 An update that fixes three vulnerabilities is...