MiracleLinux 8 : dovecot-2.3.16-2.el8 (AXSA:2022-3412:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3412:01 advisory. dovecot: plaintext commands injection CVE-2021-33515 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

OPENSUSE-SU-2025:15676-1 dovecot24-2.4.2-1.1 on GA media

These are all security issues fixed in the dovecot24-2.4.2-1.1 package on the GA media of openSUSE Tumbleweed...

Linux Distros Unpatched Vulnerability : CVE-2014-3430

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cau...

SUSE CVE-2008-4870

dovecot 1.0.7 in Red Hat Enterprise Linux RHEL 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the sslkeypassword parameter value...

Security fix for the ALT Linux 9 package dovecot version 2.3.16-alt1

2.3.16-alt1 built Aug. 19, 2021 Andrey Cherepanov in task 282506 Aug. 12, 2021 Andrey Cherepanov - Updated to 2.3.16 fixes CVE-2021-33515, CVE-2021-29157, CVE-2021-33515, CVE-2021-29157. - Package watch file...

SUSE-SU-2021:0029-1 Security update for dovecot23

This update for dovecot23 fixes the following issues: Security issues fixed: - CVE-2020-12100: Fixed a resource exhaustion caused by deeply nested MIME parts bsc1174920. - CVE-2020-24386: Fixed an issue with IMAP hibernation that allowed users to access other users' emails bsc1180405. -...

CVE-2020-25275

Dovecot before 2.3.13 has Improper Input Validation in lda, lmtp, and imap, leading to an application crash via a crafted email message with certain choices for ten thousand MIME parts...

CVE-2017-2669

Dovecot before version 2.2.29 is vulnerable to a denial of service. When 'dict' passdb and userdb were used for user authentication, the username sent by the IMAP/POP3 client was sent through varexpand to perform %variable expansion. Sending specially crafted %variable fields could result in...

CVE-2017-2669

Dovecot before version 2.2.29 is vulnerable to a denial of service. When 'dict' passdb and userdb were used for user authentication, the username sent by the IMAP/POP3 client was sent through varexpand to perform %variable expansion. Sending specially crafted %variable fields could result in...

Dovecot Version Detection

This script detects the installed version of Dovecot and sets the result in KB. OpenVAS Vulnerability Test $Id: secpoddovecotdetect.nasl 7823 2017-11-20 08:54:04Z cfischer $ Dovecot Version Detection Authors: Antu Sanadi Copyright: Copyright c 2009 SecPod, http://www.secpod.com This program is fr...