CVE-2020-10967 log

Severity Medium
Remote Yes
Type Denial of service
A security issue has been found in Dovecot before in the lmtp/submission component. An authenticated attacker could send an e-mail via the submission service with empty quoted localpart which would cause the submission or lmtp component to crash. An unauthenticated attacker could send an e-mail with a bad sender or recipient address, causing the e-mail to be passed to LMTP for delivery and then crash the LMTP component unless some kind of filtering has been set up on the MTA level.
Group Package Affected Fixed Severity Status Ticket
AVG-1162 dovecot 2.3.10-2 High Fixed
Date Advisory Group Package Severity Type
19 May 2020 ASA-202005-9 AVG-1162 dovecot High multiple issues