CVE-2020-12673

Published: 12/08/2020 Updated: 07/11/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

In Dovecot prior to 2.3.11.3, sending a specially formatted NTLM request will crash the auth service because of an out-of-bounds read.

Vulnerable Product

dovecot dovecot

debian debian linux 9.0

debian debian linux 10.0

canonical ubuntu linux 16.04

canonical ubuntu linux 18.04

canonical ubuntu linux 14.04

canonical ubuntu linux 20.04

fedoraproject fedora 31

fedoraproject fedora 32

fedoraproject fedora 33

Vendor Advisories

Debian Bug report logs - #968302 src:dovecot: multiple dovecot CVEs. Package: src:dovecot; Maintainer for src:dovecot is Dovecot Maintainers <dovecot@packages.debian.org>; Reported by: Noah Meyerhans <noahm@debian.org>; Date: Wed, 12 Aug 2020 17:45:01 UTC; Severity: grave; Tags: bullseye, security, sid; Found in versions ...
Several vulnerabilities have been discovered in the Dovecot email server. CVE-2020-12100: Receiving mail with deeply nested MIME parts leads to resource exhaustion as Dovecot attempts to parse it. CVE-2020-12673: Dovecot's NTLM implementation does not correctly check message buffer size, which leads to a crash when reading past alloc ...
Synopsis: Important: dovecot security update. Type/Severity: Security Advisory: Important. Topic: An update for dovecot is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring ...
Synopsis: Important: dovecot security update. Type/Severity: Security Advisory: Important. Topic: An update for dovecot is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, ...
Synopsis: Important: dovecot security update. Type/Severity: Security Advisory: Important. Topic: An update for dovecot is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, ...
Synopsis: Important: dovecot security update. Type/Severity: Security Advisory: Important. Topic: An update for dovecot is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili ...
In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled. A flaw was found in dovecot. An attacker can use the way dovecot handles RPA (Remote Passphrase Authentication) to crash the authentication process repeatedly, preventing login. The highest threat from this vulner ...
A flaw was found in dovecot. A remote attacker could cause a denial of service by repeatedly sending emails containing MIME parts containing malicious content of which dovecot will attempt to parse. The highest threat from this vulnerability is to system availability. In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda a ...