ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2018.0160
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2018-0160)
Resumen:	The remote host is missing an update for the 'dovecot' package(s) announced via the MGASA-2018-0160 advisory.
Descripción:	Summary: The remote host is missing an update for the 'dovecot' package(s) announced via the MGASA-2018-0160 advisory. Vulnerability Insight: Dovecot has been updated to version 2.2.34 to fix two security issues. CVE-2017-14461: This vulnerability comes in two flavors. A malicious party can send a specially crafted email to a vulnerable system, causing it to crash dovecot. In some systems, the mail can be stored into the mail system, causing crash every time it is being opened. CVE-2017-15130: If dovecot has been configured with local name or local net configuration blocks, SNI lookups can be used to trash memory with useless config by using random servernames. Affected Software/OS: 'dovecot' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 5.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-14461 BugTraq ID: 103201 http://www.securityfocus.com/bid/103201 Debian Security Information: DSA-4130 (Google Search) https://www.debian.org/security/2018/dsa-4130 https://talosintelligence.com/vulnerability_reports/TALOS-2017-0510 https://lists.debian.org/debian-lts-announce/2018/03/msg00036.html https://www.dovecot.org/list/dovecot-news/2018-February/000370.html https://usn.ubuntu.com/3587-1/ https://usn.ubuntu.com/3587-2/ Common Vulnerability Exposure (CVE) ID: CVE-2017-15130 http://seclists.org/oss-sec/2018/q1/205
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.