N/A

ManageSieve AUTHENTICATE command crashes when using literal as SASL initial response. This can be used to crash ManageSieve service repeatedly, making it unavailable for other users. Control access to ManageSieve port, or disable the service if it's not needed. Alternatively upgrade to a fixed version. No publicly available exploits are known.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

输入验证不恰当

Open-Xchange OX Dovecot Pro 安全漏洞

Open-Xchange OX Dovecot Pro是德国Open-Xchange公司的一个邮件存储与投递系统。 Open-Xchange OX Dovecot Pro存在安全漏洞，该漏洞源于ManageSieve AUTHENTICATE命令在使用字面量作为SASL初始响应时崩溃，可能导致拒绝服务攻击。

N/A

N/A