PatchSiren

Dovecot CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM Dovecot CVE published 2017-02-17

CVE-2016-8652

CVE-2016-8652 is a remote denial-of-service issue in Dovecot's auth component when auth-policy is configured. According to the supplied NVD record, an attacker can cause a crash by aborting authentication before a username is set. The affected version range is Dovecot versions before 2.2.27.