Dovecot 输入验证错误漏洞

admin
admin
admin
0
文章
0
评论
2024-01-14 23:40:46 YS 来源:ZONE.CI 全球网 0 阅读模式
> Dovecot 输入验证错误漏洞

Dovecot 输入验证错误漏洞

CNNVD-ID编号 CNNVD-202005-862 CVE编号 CVE-2020-10967
发布时间 2020-05-18 更新时间 2020-11-05
漏洞类型 输入验证错误 漏洞来源 N/A
危险等级 中危 威胁类型 远程
厂商 N/A

漏洞介绍

Dovecot是一款开源的基于类Linux/UNIX系统的IMAP和POP3邮件服务器。

Dovecot 2.3.10.1之前版本中存在安全漏洞。远程攻击者可通过发送带有空localpart的邮件利用该漏洞造成本地邮件传输协议或提交进程崩溃。

漏洞补丁

目前厂商已发布升级了Dovecot 输入验证错误漏洞的补丁,Dovecot 输入验证错误漏洞的补丁获取链接:

https://dovecot.org/pipermail/dovecot-news/2020-May/000438.html

参考网址

来源:CONFIRM

链接:https://www.openwall.com/lists/oss-security/2020/05/18/1

来源:FEDORA

链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/VVUWHUUAFPC6XGIXYFIPTNBXLHPNM4W6/

来源:MISC

链接:https://dovecot.org/security

来源:SUSE

链接:http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00059.html

来源:FEDORA

链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/4AAX2MJEULPVSRZOBX3PNPFSYP4FM4TT/

来源:MISC

链接:https://packetstormsecurity.com/files/157771/Open-Xchange-Dovecot-2.3.10-Null-Pointer-Dereference-Denial-Of-Service.html

来源:FEDORA

链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/TTZN2VW55ZC2AQBGBJMLRJSZIKSB2NS6/

来源:DEBIAN

链接:https://www.debian.org/security/2020/dsa-4690

来源:FULLDISC

链接:http://seclists.org/fulldisclosure/2020/May/37

来源:FEDORA

链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/EYZU6CHA3VMYYAUCMHSCCQKJEVEIKPQ2/

来源:MLIST

链接:http://www.openwall.com/lists/oss-security/2020/05/18/1

来源:UBUNTU

链接:https://usn.ubuntu.com/4361-1/

来源:FEDORA

链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/XKKAL3OMG76ZZ7CIEMQP2K6KCTD2RAKE/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/159826/Red-Hat-Security-Advisory-2020-4763-01.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.1792/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.2084/

来源:vigilance.fr

链接:https://vigilance.fr/vulnerability/Dovecot-three-vulnerabilities-32290

来源:nvd.nist.gov

链接:https://nvd.nist.gov/vuln/detail/CVE-2020-10967

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.3809/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/157771/Open-Xchange-Dovecot-2.3.10-Null-Pointer-Dereference-Denial-Of-Service.html

来源:access.redhat.com

链接:https://access.redhat.com/security/cve/cve-2020-10967

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.1763/

受影响实体

暂无

信息来源

http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202005-862

weinxin
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
ZONE.CI 全球网 | 安全领域涉猎者-乌云独行地带
ZONE.CI 全球网
安全领域涉猎者-乌云独行地带
ZONE.CI 全球网 | 安全领域涉猎者-乌云独行地带
安全领域涉猎者-乌云独行地带
ZONE.CI 全球网
评论:0   参与:  0