CVE-2016-8652

Опубликовано: 17 фев. 2017

Источник: ubuntu

Приоритет: medium

EPSS Средний

CVSS2: 4.3

CVSS3: 5.9

Описание

The auth component in Dovecot before 2.2.27, when auth-policy is configured, allows a remote attackers to cause a denial of service (crash) by aborting authentication without setting a username.

Релиз	Статус	Примечание
devel	not-affected
esm-infra-legacy/trusty	not-affected
esm-infra/xenial	not-affected
precise	not-affected
trusty	not-affected
trusty/esm	not-affected
upstream	needed
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	not-affected

Показывать по

Ссылки на источники

EPSS

Процентиль: 95%

0.16367

Средний

4.3 Medium

CVSS2

5.9 Medium

CVSS3

Связанные уязвимости

CVE-2016-8652

CVSS3: 7.4

redhat

около 9 лет назад

The auth component in Dovecot before 2.2.27, when auth-policy is configured, allows a remote attackers to cause a denial of service (crash) by aborting authentication without setting a username.

CVE-2016-8652

CVSS3: 5.9

nvd

почти 9 лет назад

The auth component in Dovecot before 2.2.27, when auth-policy is configured, allows a remote attackers to cause a denial of service (crash) by aborting authentication without setting a username.

CVE-2016-8652

CVSS3: 5.9

debian

почти 9 лет назад

The auth component in Dovecot before 2.2.27, when auth-policy is confi ...

GHSA-vm4w-qxvr-6wfp

CVSS3: 5.9

github

больше 3 лет назад

The auth component in Dovecot before 2.2.27, when auth-policy is configured, allows a remote attackers to cause a denial of service (crash) by aborting authentication without setting a username.

EPSS

Процентиль: 95%

0.16367

Средний

4.3 Medium

CVSS2

5.9 Medium

CVSS3

CVE-2016-8652

Описание

Пакет dovecot

Ссылки на источники

Связанные уязвимости