Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2020-10958

Опубликовано: 18 мая 2020
Источник: debian

Описание

In Dovecot before 2.3.10.1, a crafted SMTP/LMTP message triggers an unauthenticated use-after-free bug in submission-login, submission, or lmtp, and can lead to a crash under circumstances involving many newlines after a command.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
dovecotfixed1:2.3.10.1+dfsg1-1package
dovecotnot-affectedstretchpackage
dovecotnot-affectedjessiepackage

Примечания

  • https://www.openwall.com/lists/oss-security/2020/05/18/1

Связанные уязвимости

ubuntu логотип

CVE-2020-10958

CVSS3: 5.3
ubuntu
больше 5 лет назад

In Dovecot before 2.3.10.1, a crafted SMTP/LMTP message triggers an unauthenticated use-after-free bug in submission-login, submission, or lmtp, and can lead to a crash under circumstances involving many newlines after a command.

redhat логотип

CVE-2020-10958

CVSS3: 5.9
redhat
больше 5 лет назад

In Dovecot before 2.3.10.1, a crafted SMTP/LMTP message triggers an unauthenticated use-after-free bug in submission-login, submission, or lmtp, and can lead to a crash under circumstances involving many newlines after a command.

nvd логотип

CVE-2020-10958

CVSS3: 5.3
nvd
больше 5 лет назад

In Dovecot before 2.3.10.1, a crafted SMTP/LMTP message triggers an unauthenticated use-after-free bug in submission-login, submission, or lmtp, and can lead to a crash under circumstances involving many newlines after a command.

github логотип

GHSA-v4pj-8r82-6phx

github
больше 3 лет назад

In Dovecot before 2.3.10.1, a crafted SMTP/LMTP message triggers an unauthenticated use-after-free bug in submission-login, submission, or lmtp, and can lead to a crash under circumstances involving many newlines after a command.

oracle-oval логотип

ELSA-2020-4763

oracle-oval
около 5 лет назад

ELSA-2020-4763: dovecot security update (MODERATE)