Just came across this early this morning... and since I'm running our family mail server, I need to fix it ASAP!
There are currently 2 nasty vulnerabilities known for the IMAP server Dovecot, making it vulnerable to DoS attacks:
1. Dovecot CVE-2024-23185: Very large headers can cause resource exhaustion when parsing message
   Risk Level: HIGH
   see here: https://www.openwall.com/lists/oss-security/2024/08/15/4
2. Dovecot CVE-2024-23184: Having a large number of address headers (From, To, Cc, Bcc, etc.) becomes excessively CPU intensive
   Risk Level: Medium
   see here: https://www.openwall.com/lists/oss-security/2024/08/15/3
Looks like both can be fixed by upgrading to version 2.3.21.1 or later.