Описание
Alpine before 2.25 allows remote attackers to cause a denial of service (application crash) when LIST or LSUB is sent before STARTTLS.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| alpine | fixed | 2.25+dfsg1-1 | package | |
| alpine | no-dsa | bullseye | package | |
| alpine | no-dsa | buster | package |
Примечания
https://nostarttls.secvuln.info
https://bugs.gentoo.org/807613
https://repo.or.cz/alpine.git/commitdiff/e58edb33f71687cb0b12c10a6cea2db2f8a35011 (v2.25)
Связанные уязвимости
CVSS3: 5.9
ubuntu
больше 3 лет назад
Alpine before 2.25 allows remote attackers to cause a denial of service (application crash) when LIST or LSUB is sent before STARTTLS.
CVSS3: 5.9
nvd
больше 3 лет назад
Alpine before 2.25 allows remote attackers to cause a denial of service (application crash) when LIST or LSUB is sent before STARTTLS.
CVSS3: 5.9
github
больше 3 лет назад
Alpine before 2.25 allows remote attackers to cause a denial of service (daemon crash) when LIST or LSUB is sent before STARTTLS.