CVE-2019-10691

Опубликовано: 24 апр. 2019

Источник: debian

Описание

The JSON encoder in Dovecot before 2.3.5.2 allows attackers to repeatedly crash the authentication service by attempting to authenticate with an invalid UTF-8 sequence as the username.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
dovecot	fixed	1:2.3.4.1-4		package
dovecot	not-affected		stretch	package
dovecot	not-affected		jessie	package

Примечания

https://www.openwall.com/lists/oss-security/2019/04/18/3

Связанные уязвимости

CVE-2019-10691

CVSS3: 7.5

ubuntu

почти 7 лет назад

The JSON encoder in Dovecot before 2.3.5.2 allows attackers to repeatedly crash the authentication service by attempting to authenticate with an invalid UTF-8 sequence as the username.

CVE-2019-10691

CVSS3: 7.5

redhat

почти 7 лет назад

The JSON encoder in Dovecot before 2.3.5.2 allows attackers to repeatedly crash the authentication service by attempting to authenticate with an invalid UTF-8 sequence as the username.

CVE-2019-10691

CVSS3: 7.5

nvd

почти 7 лет назад

The JSON encoder in Dovecot before 2.3.5.2 allows attackers to repeatedly crash the authentication service by attempting to authenticate with an invalid UTF-8 sequence as the username.

openSUSE-SU-2019:1312-1

suse-cvrf

почти 7 лет назад

Security update for dovecot23

SUSE-SU-2019:0997-1

suse-cvrf

почти 7 лет назад

Security update for dovecot23