Download
| Alert*
oval:org.secpod.oval:def:66738
Several vulnerabilities have been discovered in the dovecot-core email server. CVE-2020-12100 Receiving mail with deeply nested MIME parts leads to resource exhaustion as dovecot-core attempts to parse it. CVE-2020-12673 dovecot-core"s NTLM implementation does not correctly check message buffer size ... oval:org.secpod.oval:def:67071 dovecot: IMAP and POP3 email server Several security issues were fixed in Dovecot. oval:org.secpod.oval:def:66575 Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fix: * dovecot: ... oval:org.secpod.oval:def:89050426 This update for dovecot23 fixes the following issues: - CVE-2020-12673: improper implementation of NTLM does not check message buffer size . - CVE-2020-12674: improper implementation of RPA mechanism . oval:org.secpod.oval:def:118788 Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats. The SQL drivers and authentication plug-ins are in their subpackages. oval:org.secpod.oval:def:118664 Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats. The SQL drivers and authentication plug-ins are in their subpackages. oval:org.secpod.oval:def:1601205 A flaw was found in dovecot. A remote attacker could cause a denial of service by repeatedly sending emails containing MIME parts containing malicious content of which dovecot will attempt to parse. The highest threat from this vulnerability is to system availability. In Dovecot before 2.3.11.3, unc ... oval:org.secpod.oval:def:504274 Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fix: * dovecot: ... oval:org.secpod.oval:def:89000314 This update for dovecot22 fixes the following issues: - CVE-2020-12673: improper implementation of NTLM does not check message buffer size . - CVE-2020-12674: improper implementation of RPA mechanism . oval:org.secpod.oval:def:205609 Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fix: * dovecot: ... oval:org.secpod.oval:def:705579 dovecot: IMAP and POP3 email server Several security issues were fixed in Dovecot. oval:org.secpod.oval:def:1700398 In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled. A flaw was found in dovecot. An attacker can use the way dovecot handles RPA to crash the authentication process repeatedly preventing login. The highest threat ... oval:org.secpod.oval:def:604986 Several vulnerabilities have been discovered in the Dovecot email server. CVE-2020-12100 Receiving mail with deeply nested MIME parts leads to resource exhaustion as Dovecot attempts to parse it. CVE-2020-12673 Dovecot"s NTLM implementation does not correctly check message buffer size, which leads t ... oval:org.secpod.oval:def:89000240 This update for dovecot23 fixes the following issues: - CVE-2020-12673: improper implementation of NTLM does not check message buffer size . - CVE-2020-12674: improper implementation of RPA mechanism . oval:org.secpod.oval:def:504287 Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fix: * dovecot: ... oval:org.secpod.oval:def:1503040 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89049534 This update for dovecot23 fixes the following issues: Security issues fixed: - CVE-2020-12100: Fixed a resource exhaustion caused by deeply nested MIME parts . - CVE-2020-12673: Fixed an improper implementation of NTLM that did not check the message buffer size . - CVE-2020-12674: Fixed an improper ... oval:org.secpod.oval:def:1503026 The advisory is missing the security advisory description. For more information please visit the reference link |