5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
5.8 Medium
AI Score
Confidence
High
0.091 Low
EPSS
Percentile
94.7%
It was discovered that Dovecot incorrectly handled closing inactive SSL/TLS
connections. A remote attacker could use this issue to cause Dovecot to
stop responding to new connections, resulting in a denial of service.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 14.04 | noarch | dovecot-core | < 1:2.2.9-1ubuntu2.1 | UNKNOWN |
Ubuntu | 14.04 | noarch | dovecot-dbg | < 1:2.2.9-1ubuntu2.1 | UNKNOWN |
Ubuntu | 14.04 | noarch | dovecot-dev | < 1:2.2.9-1ubuntu2.1 | UNKNOWN |
Ubuntu | 14.04 | noarch | dovecot-gssapi | < 1:2.2.9-1ubuntu2.1 | UNKNOWN |
Ubuntu | 14.04 | noarch | dovecot-imapd | < 1:2.2.9-1ubuntu2.1 | UNKNOWN |
Ubuntu | 14.04 | noarch | dovecot-ldap | < 1:2.2.9-1ubuntu2.1 | UNKNOWN |
Ubuntu | 14.04 | noarch | dovecot-lmtpd | < 1:2.2.9-1ubuntu2.1 | UNKNOWN |
Ubuntu | 14.04 | noarch | dovecot-managesieved | < 1:2.2.9-1ubuntu2.1 | UNKNOWN |
Ubuntu | 14.04 | noarch | dovecot-mysql | < 1:2.2.9-1ubuntu2.1 | UNKNOWN |
Ubuntu | 14.04 | noarch | dovecot-pgsql | < 1:2.2.9-1ubuntu2.1 | UNKNOWN |