CVE-2020-10958 log

Severity High
Remote Yes
Type Arbitrary code execution
A security issue has been found in Dovecot before in the lmtp/submission component. Sending many invalid or unknown commands can cause the server to access freed memory, which can lead to a server crash. This happens when the server closes the connection with a "421 Too many invalid commands" error. The bad command limit depends on the service (lmtp or submission) and varies between 10 to 20 bad commands.
Group Package Affected Fixed Severity Status Ticket
AVG-1162 dovecot 2.3.10-2 High Fixed
Date Advisory Group Package Severity Type
19 May 2020 ASA-202005-9 AVG-1162 dovecot High multiple issues