|Type||Arbitrary code execution|
A security issue has been found in Dovecot before 184.108.40.206 in the lmtp/submission component. Sending many invalid or unknown commands can cause the server to access freed memory, which can lead to a server crash. This happens when the server closes the connection with a "421 Too many invalid commands" error. The bad command limit depends on the service (lmtp or submission) and varies between 10 to 20 bad commands.
|19 May 2020||ASA-202005-9||AVG-1162||dovecot||High||multiple issues|