公告ID: KYLIN-2020-12673
安全等级: 重要
产品: Kylin V3
发布日期: 2020年8月12日
CVE: CVE-2020-12673
CVSS3评分: 7.5
概述:
None 描述:
In Dovecot before 2.3.11.3, sending a specially formatted NTLM request will crash the auth service because of an out-of-bounds read. A flaw was found in dovecot. An out-of-bounds read flaw was found in the way dovecot handled NTLM authentication allowing an attacker to crash the dovecot auth process repeatedly preventing login. The highest threat from this vulnerability is to system availability. 系统版本:
KYLIN 3.0.x
KYLIN 3.2.x
KYLIN 3.3.x
KYLIN 3.4.x
受影响包列表:
dovecot
dovecot
dovecot
dovecot