3 matches found
Dovecot 2.3.11.3 Denial Of Service Vulnerability
Dovecot 2.3.11.3 Denial Of Service Vulnerability Vendor: OX Software GmbH Internal reference: DOV-4113 Bug ID Vulnerability type: CWE-20: Improper Input Validation Vulnerable version: 2.3.11-2.3.11.3 Vulnerable component: lda, lmtp, imap Report confidence: Confirmed Solution status: Fixed by Vend...
Important: dovecot
Issue Overview: In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled. A flaw was found in dovecot. An attacker can use the way dovecot handles RPA Remote Passphrase Authentication to crash the authentication proce...
Out-of-bounds
In Dovecot before 2.3.11.3, sending a specially formatted NTLM request will crash the auth service because of an out-of-bounds read...