13 matches found
Fedora 41 : iwd / libell / ofono (2024-900c75b70c)
The remote Fedora 41 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-900c75b70c advisory. iwd 2.20: Fix issue with PKEX timeout and number of frequencies used. Fix issue with handling logic for handshake failures. Fix issue with handling...
SUSE CVE-2015-3420
The ssl-proxy-openssl.c function in Dovecot before 2.2.17, when SSLv3 is disabled, allow remote attackers to cause a denial of service login process crash via vectors related to handshake failures...
SUSE CVE-2020-13962
Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users. Because errors leak in unrelated TLS sessions, an unrelated session may be disconnected when any handshake fails...
GHSA-P72G-CGH9-GHJG Failing DTLS handshakes may cause throttling to block processing of records
Impact Failing handshakes didn't cleanup counters for throttling. In consequence the threshold may get reached and will not be released again. The results in permanently dropping records. The issues was reported for certificate based handshakes, but it can't be excluded, that this happens also fo...
October 17, 2022—KB5020436 (OS Build 20348.1131) Out-of-band
October 17, 2022—KB5020436 OS Build 20348.1131 Out-of-band For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to...
October 17, 2022 Non-security update (KB5020446) Out-of-band
October 17, 2022 Non-security update KB5020446 Out-of-band For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Azure Stack HCI, version 20H2, see its update history page. Improvements This...
October 17, 2022—KB5020438 (OS Build 17763.3534) Out-of-band
October 17, 2022—KB5020438 OS Build 17763.3534 Out-of-band 10/11/22 REMINDER As of September 20, 2022, there are no more optional, non-security releases known as "C" or preview releases for the 2019 LTSC editions and Windows Server 2019. Only cumulative monthly security updates known as the "B" o...
PT-2021-6876 · Openssl · Openssl
Name of the Vulnerable Software and Affected Versions: OpenSSL version 3.0.0 OpenSSL versions prior to 3.0.1 Description: The issue is related to the mishandling of internal errors by the X509 verify cert function in OpenSSL. This function may return a negative value to indicate an internal error...
EulerOS 2.0 SP3 : dovecot (EulerOS-SA-2021-1064)
According to the versions of the dovecot packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service resource...
Design/Logic Flaw
The ssl-proxy-openssl.c function in Dovecot before 2.2.17, when SSLv3 is disabled, allow remote attackers to cause a denial of service login process crash via vectors related to handshake failures...
DEBIAN-CVE-2015-3420
The ssl-proxy-openssl.c function in Dovecot before 2.2.17, when SSLv3 is disabled, allow remote attackers to cause a denial of service login process crash via vectors related to handshake failures...
CVE-2015-3420
The ssl-proxy-openssl.c function in Dovecot before 2.2.17, when SSLv3 is disabled, allow remote attackers to cause a denial of service login process crash via vectors related to handshake failures...
Fedora 20 : dovecot-2.2.16-2.fc20 (2015-7159)
fixes CVE-2015-3420: SSL/TLS handshake failures leading to a crash of the login process - dovecot updated to 2.2.16 - auth: Don't crash if master user login is attempted without any configured master=yes passdbs - Parsing UTF-8 text for mails could have caused broken results sometimes if bufferin...