19 matches found
OX Dovecot Pro / CE Improper Handling / Denial of Service / Bypass
OX Dovecot Pro and Ox Dovecot CE suffer from bypass, denial of service, and insecure handling vulnerabilities. Versions affected vary based on the issue...
Open-Xchange OX Dovecot Pro 安全漏洞
Open-Xchange OX Dovecot Pro is a mail storage and delivery system provided by the German company Open-Xchange. Open-Xchange OX Dovecot Pro has a security vulnerability. This vulnerability arises from the possibility for attackers to use specially crafted Base64-encoded exchanges to forge SCRAM TL...
Open-Xchange OX Dovecot Pro 安全漏洞
Open-Xchange OX Dovecot Pro is a mail storage and delivery system provided by the German company Open-Xchange. Open-Xchange OX Dovecot Pro has a security vulnerability. This vulnerability arises from the use of a security filter for variable expansion, where all subsequent pipes on the same strin...
Open-Xchange OX Dovecot Pro 资源管理错误漏洞
Open-Xchange OX Dovecot Pro is an email storage and delivery system provided by the German company Open-Xchange. Open-Xchange OX Dovecot Pro has a resource management vulnerability. This vulnerability stems from allowing attackers to upload malicious Sieve scripts, bypassing the configured CPU ti...
Open-Xchange OX Dovecot Pro 访问控制错误漏洞
Open-Xchange OX Dovecot Pro is an email storage and delivery system provided by the German company Open-Xchange. Open-Xchange OX Dovecot Pro has a access control vulnerability. This vulnerability stems from the IMAP SETACL command, which allows the anyone permission to be injected into the user’s...
Open-Xchange OX Dovecot Pro 资源管理错误漏洞
Open-Xchange OX Dovecot Pro is an email storage and delivery system provided by the German company Open-Xchange. Open-Xchange OX Dovecot Pro has a resource management vulnerability, which stems from excessive use of curly braces in IMAP, leading to uncontrolled memory usage. This can result in...
📄 Dovecot IMAP NOOP Command Memory Exhaustion Denial of Service
This Metasploit auxiliary module targets a memory exhaustion vulnerability in the Dovecot IMAP service. It opens multiple concurrent TCP connections and sends specially crafted NOOP commands containing deeply nested parentheses to force excessive memory allocation on the server. By sustaining the...
Open-Xchange OX Dovecot Pro 安全漏洞
Open-Xchange OX Dovecot Pro is a mail storage and delivery system provided by the German company Open-Xchange. Open-Xchange OX Dovecot Pro has a security vulnerability that stems from disconnecting from the authentication server when invalid base64 SASL data is sent. This vulnerability could lead...
Open-Xchange OX Dovecot Pro 安全漏洞
Open-Xchange OX Dovecot Pro is a mail storage and delivery system provided by the German company Open-Xchange. Open-Xchange OX Dovecot Pro has a security vulnerability, which stems from the insecure handling of zip-format attachments by the attachment-to-text script. This vulnerability may allow...
Open-Xchange OX Dovecot Pro 安全漏洞
Open-Xchange OX Dovecot Pro is an email storage and delivery system provided by the German company Open-Xchange. Open-Xchange OX Dovecot Pro has a security vulnerability, which stems from the use of passwd files for each domain. This configuration allows for path traversal attacks, potentially...
Open-Xchange OX Dovecot Pro 安全漏洞
Open-Xchange OX Dovecot Pro is a mail storage and delivery system provided by the German company Open-Xchange. Open-Xchange OX Dovecot Pro has a security vulnerability that can be exploited under certain conditions, leading to a replay attack, which may allow attackers to log in as users...
Open-Xchange OX Dovecot Pro 安全漏洞
Open-Xchange OX Dovecot Pro is a mail storage and delivery system provided by the German company Open-Xchange. OX Dovecot Pro has a security vulnerability; this vulnerability arises from email messages that contain excessive RFC 2231 MIME parameters, which may lead to excessive CPU usage and...
Open-Xchange OX Dovecot Pro 安全漏洞
Open-Xchange OX Dovecot Pro is a mail storage and delivery system provided by the German company Open-Xchange. Open-Xchange OX Dovecot Pro has a security vulnerability; this vulnerability stems from direct comparison in credential verification and makes it vulnerable to timing attack attacks, whi...
Open-Xchange OX Dovecot Pro 安全漏洞
Open-Xchange OX Dovecot Pro is a mail storage and delivery system provided by the German company Open-Xchange. Open-Xchange OX Dovecot Pro has a security vulnerability; this vulnerability arises from the possibility of additional memory allocation when specific NOOP commands are sent, which could...
Open-Xchange OX Dovecot Pro 安全漏洞
Open-Xchange OX Dovecot Pro is a mail storage and delivery system provided by the German company Open-Xchange. Open-Xchange OX Dovecot Pro has a security vulnerability. This vulnerability stems from the ManageSieve AUTHENTICATE command failing when literal values are used as SASL initial response...
Open-Xchange OX Dovecot Pro 安全漏洞
Open-Xchange OX Dovecot Pro is a mail storage and delivery system provided by the German company Open-Xchange. Open-Xchange OX Dovecot Pro has a security vulnerability. This vulnerability allows attackers to send specially crafted messages before authentication, thereby allocating a large amount ...
Open-Xchange OX Dovecot Pro 安全漏洞
Open-Xchange OX Dovecot Pro is a mail storage and delivery system provided by the German company Open-Xchange. Open-Xchange OX Dovecot Pro has a security vulnerability. This vulnerability arises from the possibility of injecting arbitrary LDAP filters when authusernamechars is empty, which may le...
Open-Xchange OX Dovecot Pro 安全漏洞
Open-Xchange OX Dovecot Pro is a mail storage and delivery system from Open-Xchange Germany. A security vulnerability exists in Open-Xchange OX Dovecot Pro that stems from the passdb or userdb driver incorrectly caching all users with the same cache key when caching is enabled, causing subsequent...
CVE-2024-25584
Dovecot accepts dot LF DOT LF symbol as end of DATA command. RFC requires that it should always be CR LF DOT CR LF. This causes Dovecot to convert single mail with LF DOT LF in middle, into two emails when relaying to SMTP. Dovecot will split mail with LF DOT LF into two mails. Upgrade to latest...