公告ID: KYLIN-2020-12100
安全等级: 重要
产品: Kylin V3
发布日期: 2020年8月12日
CVE: CVE-2020-12100
CVSS3评分: 7.5
概述:
None 描述:
In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service (resource consumption) via a crafted e-mail message with deeply nested MIME parts. A flaw was found in dovecot. A remote attacker could cause a denial of service by repeatedly sending emails containing MIME parts containing malicious content of which dovecot will attempt to parse. The highest threat from this vulnerability is to system availability. 系统版本:
KYLIN 3.0.x
KYLIN 3.2.x
KYLIN 3.3.x
KYLIN 3.4.x
受影响包列表:
dovecot
dovecot
dovecot
dovecot