Описание
In Dovecot before 2.3.10.1, remote unauthenticated attackers can crash the lmtp or submission process by sending mail with an empty localpart.
In Dovecot before 2.3.10.1, remote unauthenticated attackers can crash the lmtp or submission process by sending mail with an empty localpart.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2020-10967
- https://dovecot.org/security
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4AAX2MJEULPVSRZOBX3PNPFSYP4FM4TT
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EYZU6CHA3VMYYAUCMHSCCQKJEVEIKPQ2
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TTZN2VW55ZC2AQBGBJMLRJSZIKSB2NS6
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VVUWHUUAFPC6XGIXYFIPTNBXLHPNM4W6
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XKKAL3OMG76ZZ7CIEMQP2K6KCTD2RAKE
- https://usn.ubuntu.com/4361-1
- https://www.debian.org/security/2020/dsa-4690
- https://www.openwall.com/lists/oss-security/2020/05/18/1
- http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00059.html
- http://packetstormsecurity.com/files/157771/Open-Xchange-Dovecot-2.3.10-Null-Pointer-Dereference-Denial-Of-Service.html
- http://seclists.org/fulldisclosure/2020/May/37
- http://www.openwall.com/lists/oss-security/2020/05/18/1
EPSS
CVE ID
Связанные уязвимости
In Dovecot before 2.3.10.1, remote unauthenticated attackers can crash the lmtp or submission process by sending mail with an empty localpart.
In Dovecot before 2.3.10.1, remote unauthenticated attackers can crash the lmtp or submission process by sending mail with an empty localpart.
In Dovecot before 2.3.10.1, remote unauthenticated attackers can crash the lmtp or submission process by sending mail with an empty localpart.
In Dovecot before 2.3.10.1, remote unauthenticated attackers can crash ...
EPSS