19 matches found
EUVD-2020-4970
Malware in sbrugna...
CLSA-2025-1758896552 dovecot: Fix of CVE-2020-12674
CVE-2020-12674: fix mishandling of zero length in RPA request to prevent auth service crash...
CLSA-2025-1758820840 dovecot: Fix of CVE-2020-12674
CVE-2020-12674: fix mishandling of zero length in RPA request to prevent auth service crash...
NewStart CGSL CORE 5.05 / MAIN 5.05 : dovecot Multiple Vulnerabilities (NS-SA-2021-0166)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has dovecot packages installed that are affected by multiple vulnerabilities: - In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service resource...
NewStart CGSL CORE 5.04 / MAIN 5.04 : dovecot Multiple Vulnerabilities (NS-SA-2021-0041)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has dovecot packages installed that are affected by multiple vulnerabilities: - In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service resource...
NewStart CGSL MAIN 6.02 : dovecot Multiple Vulnerabilities (NS-SA-2021-0054)
The remote NewStart CGSL host, running version MAIN 6.02, has dovecot packages installed that are affected by multiple vulnerabilities: - In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service resource consumption via a...
NewStart CGSL CORE 5.04 / MAIN 5.04 : dovecot Multiple Vulnerabilities (NS-SA-2021-0012)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has dovecot packages installed that are affected by multiple vulnerabilities: - In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service resource...
Huawei EulerOS: Security Advisory for dovecot (EulerOS-SA-2020-2340)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP2 : dovecot (EulerOS-SA-2020-2340)
According to the versions of the dovecot packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service resource...
Amazon Linux AMI : dovecot (ALAS-2020-1435)
The version of dovecot installed on the remote host is prior to 2.2.36-6.21. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1435 advisory. A flaw was found in dovecot. A remote attacker could cause a denial of service by repeatedly sending emails containing...
Oracle Linux 8 : dovecot (ELSA-2020-3713)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-3713 advisory. - fix CVE-2020-12100 resource exhaustion via deeply nested MIME parts 1866755 - fix CVE-2020-12673 out of bound reads in dovecot NTLM implementation...
Oracle Linux 7 : dovecot (ELSA-2020-3617)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-3617 advisory. - fix CVE-2020-12100 resource exhaustion via deeply nested MIME parts 1871841 - fix CVE-2020-12673 out of bound reads in dovecot NTLM implementation...
CVE-2020-12674
In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled...
Cross site request forgery (csrf)
In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled...
CVE-2020-12674
In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled...
CVE-2020-12674
In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled...
CVE-2020-12674
In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled...
CVE-2020-12674
CVE-2020-12674 affects Dovecot before 2.3.11.3. The flaw arises in the Remote Passphrase Authentication (RPA) handling, where a zero-length input is mishandled, causing the authentication service to crash. This is listed alongside CVE-2020-12100 and CVE-2020-12673 in multiple advisories. Remediat...
CVE-2020-12674
In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled...