21 matches found
EUVD-2013-2081
Malware in sbrugna...
Dovecot IMAP Server 2.2 / 2.3 Denial Of Service
Affected product: Dovecot IMAP Server; Internal reference: DOV-6601; Vulnerability type: CWE-770 (Allocation of Resources Without Limits or Throttling); Vulnerable version: 2.2, 2.3; Vulnerable component: lib-mail; Report confidence: Confirmed; Solution status: Fixed in 2.3.21.1; Researcher credits: Vendo...
Dovecot IMAP Server 2.2 / 2.3 Missing Rate Limiting
Affected product: Dovecot IMAP Server; Internal reference: DOV-6464; Vulnerability type: CWE-770 (Allocation of Resources Without Limits or Throttling); Vulnerable version: 2.2, 2.3; Vulnerable component: lib-mail; Report confidence: Confirmed; Solution status: Fixed in 2.3.21.1; Researcher credits: Vendo...
Dovecot IMAP Server 2.2 Improper Access Control Vulnerability
Dovecot IMAP server version 2.2 suffers from a privilege escalation vulnerability. When two passdb configuration entries exist in the Dovecot configuration, which have the same driver and args settings, the incorrect username_filter and mechanism settings can be applied to passdb definitions. Thes...
CVE-2022-30550
A vulnerability was found in the Dovecot IMAP Server. When two passdb configuration entries exist in the Dovecot configuration, which have the same driver and args settings, the incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrect settings can lead...
SUSE-SU-2021:0028-1 Security update for dovecot23
This update for dovecot23 fixes the following issues: Security issues fixed: - CVE-2020-12100: Fixed a resource exhaustion caused by deeply nested MIME parts (bsc#1174920). - CVE-2020-12673: Fixed an improper implementation of NTLM that did not check the message buffer size (bsc#1174922). -...
CVE-2020-24386
An issue was discovered in Dovecot before 2.3.13. By using IMAP IDLE, an authenticated attacker can trigger unhibernation via attacker-controlled parameters, leading to access to other users' email messages and path disclosure. Mitigation: To mitigate this flaw, ensure that imap_hibernate_timeout is...
CVE-2020-7957
The IMAP and LMTP components in Dovecot 2.3.9 before 2.3.9.3 mishandle snippet generation when many characters must be read to compute the snippet and a trailing character exists. This causes a denial of service in which the recipient cannot read all of their messages...
Dovecot IMAP Server rfc822_parse_domain Information Leak Vulnerability
Summary: An exploitable out-of-bounds read vulnerability exists in the RFC822 parser as implemented in Dovecot IMAP Server 2.2.33.2. A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out-of-bounds read resulting in potential sensitive information disclosu...
Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure Exploit
No description provided by source. lame Dovecot IMAP 1.0.10 - 1.1rc3 Exploit Here's an exploit for the recent TAB vulnerability in Dovecot. It's nothing special since in the wild there are few to none targets because of the special option which has to be set. see CVE Entry CVE-2008-1218 Exploit...
CVE-2013-2111
The IMAP functionality in Dovecot before 2.2.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via invalid APPEND parameters...
UBUNTU-CVE-2013-2111
The IMAP functionality in Dovecot before 2.2.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via invalid APPEND parameters...
CVE-2014-3430
Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cause a denial of service (resource consumption) via an incomplete SSL/TLS handshake for an IMAP/POP3 connection...
dovecot security update
CentOS Errata and Security Advisory CESA-2013:0520 Updated dovecot packages that fix three security issues and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS...
Fedora Update for dovecot FEDORA-2008-2475
Check for the Version of dovecot. OpenVAS Vulnerability Test: Fedora Update for dovecot FEDORA-2008-2475. Authors: System Generated Check. Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Dovecot IMAP 1.0.10 <= 1.1rc2 Remote Email Disclosure Exploit
No description provided by source. lame Dovecot IMAP 1.0.10 - 1.1rc3 Exploit Here's an exploit for the recent TAB vulnerability in Dovecot. It's nothing special since in the wild there are few to none targets because of the special option which has to be set. see CVE Entry CVE-2008-1218 Exploit...
Dovecot IMAP 1.0.10 1.1rc2 - Remote Email Disclosure
Dovecot IMAP 1.0.10 1.1rc2 - Remote Email Disclosure lame Dovecot IMAP 1.0.10 - 1.1rc3 Exploit Here's an exploit for the recent TAB vulnerability in Dovecot. It's nothing special since in the wild there are few to none targets because of the special option which has to be set. see CVE Entry...
Dovecot IMAP 1.0.10 <= 1.1rc2 Remote Email Disclosure Exploit
Exploit for multiple platform in category remote exploits ============================================================= Dovecot IMAP 1.0.10 1.1rc3 Exploit Here's an exploit for the recent TAB vulnerability in Dovecot. It's nothing special since in the wild there are few to none targets because of...
Dovecot IMAP 1.0.10 < 1.1rc2 - Remote Email Disclosure
lame Dovecot IMAP 1.0.10 - 1.1rc3 Exploit Here's an exploit for the recent TAB vulnerability in Dovecot. It's nothing special since in the wild there are few to none targets because of the special option which has to be set. see CVE Entry CVE-2008-1218 Exploit written by Kingcope import sys impor...
DSA-1430-1 libnss-ldap - information disclosure
Bulletin has no description...