oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE request: Denial of Service attacks against Dovecot v1.1+

From: cve-assign () mitre org
Date: Fri, 9 May 2014 16:55:12 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


This "destroy oldest connection" however hasn't been working in v1.1+
releases for connections that have started SSL/TLS handshake

http://permalink.gmane.org/gmane.mail.imap.dovecot/77499
http://hg.dovecot.org/dovecot-2.2/rev/41622541a7a3
http://hg.dovecot.org/dovecot-2.1/rev/b7ac23b4d339
http://hg.dovecot.org/dovecot-2.0/rev/48f90e7e92dc
http://hg.dovecot.org/dovecot-1.2/rev/8ba4253adc9b
http://hg.dovecot.org/dovecot-1.1/rev/fe0e6550585c


Use CVE-2014-3430.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJTbUBwAAoJEKllVAevmvmsIgAH+wQ9ncZEPXDAjJq3w+6r1zxG
P2Sb1emKfynjlYwhYd1fIH/RAV3nOqneQRwAfeUmJ3PjKTmswkmkt7H++kfcx1Kk
JI3ZHf6Ao+1vgcm1hGzmkhwpi/FHZqzTCfu/AWOTt0R2xk0WGx2z+2C8ai/z+3xy
qW3llZ0QY61am9leFdbq70c9RtJkOkV2sZBMGjh1hgacVilCw9MuqNEMXhmE4qvu
y2i0x1WHbxosedC3iZ45K/PeypnA11Z587KVrRClfe/8aUAnixiSKnvZKhO/gk34
q3RNUX2lEWaQqTu8qk95iu6rpajG/1/HhUyRLR93hE7J3AvExe2PTcY/l+yJDa0=
=2pQZ
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: