NuytsTech Security

CVE-2020-7046

by ·

lib-smtp in submission-login and lmtp in Dovecot 2.3.9 before 2.3.9.3 mishandles truncated UTF-8 data in command parameters, as demonstrated by the unauthenticated triggering of a submission-login infinite loop.

Date published : 2020-02-12

http://www.openwall.com/lists/oss-security/2020/02/12/1

https://dovecot.org/pipermail/dovecot-news/2020-February/000431.html

Tags: