|Category:||Debian Local Security Checks|
|Title:||Debian: Security Advisory for dovecot (DSA-4745-1)|
|Summary:||The remote host is missing an update for the 'dovecot'; package(s) announced via the DSA-4745-1 advisory.|
The remote host is missing an update for the 'dovecot'
package(s) announced via the DSA-4745-1 advisory.
Several vulnerabilities have been discovered in the Dovecot email
Receiving mail with deeply nested MIME parts leads to resource
exhaustion as Dovecot attempts to parse it.
Dovecot's NTLM implementation does not correctly check message
buffer size, which leads to a crash when reading past allocation.
Dovecot's RPA mechanism implementation accepts zero-length message,
which leads to assert-crash later on.
'dovecot' package(s) on Debian Linux.
For the stable distribution (buster), these problems have been fixed in
We recommend that you upgrade your dovecot packages.
Common Vulnerability Exposure (CVE) ID: CVE-2020-12100|
Common Vulnerability Exposure (CVE) ID: CVE-2020-12673
Common Vulnerability Exposure (CVE) ID: CVE-2020-12674
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.