漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
Dovecot accepts dot LF DOT LF symbol as end of DATA command. RFC requires that it should always be CR LF DOT CR LF. This causes Dovecot to convert single mail with LF DOT LF in middle, into two emails when relaying to SMTP. Dovecot will split mail with LF DOT LF into two mails. Upgrade to latest released version. No publicly available exploits are known.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
对数据真实性的验证不充分
Vulnerability Title
Dovecot 安全漏洞
Vulnerability Description
Dovecot是一款开源的基于类Linux/UNIX系统的IMAP和POP3邮件服务器。 Dovecot存在安全漏洞,该漏洞源于对DATA命令结束符号的识别不符合RFC标准,导致在转发SMTP邮件时将含有LF DOT LF的单个邮件错误地拆分成两封邮件。
CVSS Information
N/A
Vulnerability Type
N/A