Lucene search

K
ubuntuUbuntuUSN-2213-1
HistoryMay 15, 2014 - 12:00 a.m.

Dovecot vulnerability

2014-05-1500:00:00
ubuntu.com
38

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

5.8 Medium

AI Score

Confidence

High

0.091 Low

EPSS

Percentile

94.7%

Releases

  • Ubuntu 14.04 ESM
  • Ubuntu 13.10
  • Ubuntu 12.10
  • Ubuntu 12.04
  • Ubuntu 10.04

Packages

  • dovecot - IMAP and POP3 email server

Details

It was discovered that Dovecot incorrectly handled closing inactive SSL/TLS
connections. A remote attacker could use this issue to cause Dovecot to
stop responding to new connections, resulting in a denial of service.

OSVersionArchitecturePackageVersionFilename
Ubuntu14.04noarchdovecot-core< 1:2.2.9-1ubuntu2.1UNKNOWN
Ubuntu14.04noarchdovecot-dbg< 1:2.2.9-1ubuntu2.1UNKNOWN
Ubuntu14.04noarchdovecot-dev< 1:2.2.9-1ubuntu2.1UNKNOWN
Ubuntu14.04noarchdovecot-gssapi< 1:2.2.9-1ubuntu2.1UNKNOWN
Ubuntu14.04noarchdovecot-imapd< 1:2.2.9-1ubuntu2.1UNKNOWN
Ubuntu14.04noarchdovecot-ldap< 1:2.2.9-1ubuntu2.1UNKNOWN
Ubuntu14.04noarchdovecot-lmtpd< 1:2.2.9-1ubuntu2.1UNKNOWN
Ubuntu14.04noarchdovecot-managesieved< 1:2.2.9-1ubuntu2.1UNKNOWN
Ubuntu14.04noarchdovecot-mysql< 1:2.2.9-1ubuntu2.1UNKNOWN
Ubuntu14.04noarchdovecot-pgsql< 1:2.2.9-1ubuntu2.1UNKNOWN
Rows per page:
1-10 of 611

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

5.8 Medium

AI Score

Confidence

High

0.091 Low

EPSS

Percentile

94.7%