Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2018.0160
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2018-0160)
Zusammenfassung:	The remote host is missing an update for the 'dovecot' package(s) announced via the MGASA-2018-0160 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'dovecot' package(s) announced via the MGASA-2018-0160 advisory. Vulnerability Insight: Dovecot has been updated to version 2.2.34 to fix two security issues. CVE-2017-14461: This vulnerability comes in two flavors. A malicious party can send a specially crafted email to a vulnerable system, causing it to crash dovecot. In some systems, the mail can be stored into the mail system, causing crash every time it is being opened. CVE-2017-15130: If dovecot has been configured with local name or local net configuration blocks, SNI lookups can be used to trash memory with useless config by using random servernames. Affected Software/OS: 'dovecot' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 5.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-14461 BugTraq ID: 103201 http://www.securityfocus.com/bid/103201 Debian Security Information: DSA-4130 (Google Search) https://www.debian.org/security/2018/dsa-4130 https://talosintelligence.com/vulnerability_reports/TALOS-2017-0510 https://lists.debian.org/debian-lts-announce/2018/03/msg00036.html https://www.dovecot.org/list/dovecot-news/2018-February/000370.html https://usn.ubuntu.com/3587-1/ https://usn.ubuntu.com/3587-2/ Common Vulnerability Exposure (CVE) ID: CVE-2017-15130 http://seclists.org/oss-sec/2018/q1/205
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.