dovecot: denial of service via crafted message before authentication

A flaw was found in dovecot. An unauthenticated and remote attacker can send a crafted message that causes managesieve to allocate an excessive amount of memory, forcing managesieve-login to be unavailable by repeatedly crashing the process, resulting in a denial of service...

Linux Distros Unpatched Vulnerability : CVE-2017-15132

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in dovecot 2.0 up to 2.2.33 and 2.3.0. An abort of SASL authentication results in a memory leak in dovecot's auth client used by login processe...

Linux Distros Unpatched Vulnerability : CVE-2017-15130

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A denial of service flaw was found in dovecot before 2.2.34. An attacker able to generate random SNI server names could exploit TLS SNI configuration lookups,...

dovecot: using a large number of address headers may trigger a denial of service

A flaw was found in Dovecot. Processing a large number of address headers From, To, Cc, Bcc, etc can be excessively CPU intensive. This flaw allows a remote attacker to trigger a denial of service...

dovecot: malformed NOOP commands leads to DoS

A flaw was found in Dovecot, where it did not properly handle certain malformed NOOP commands. This flaw allows a malicious attacker to cause the submission, submission-login, or lmtp services to crash by sending specially crafted commands...