Mandriva Linux Security Advisory : dovecot (MDVSA-2014:099)
Medium Nessus Plugin ID 74077
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA vulnerability has been discovered and corrected in dovecot :
Dovecot 1.1 before 2.2.13 and dovecot-ee before 220.127.116.11 and 2.2.x before 18.104.22.168 does not properly close old connections, which allows remote attackers to cause a denial of service (resource consumption) via an incomplete SSL/TLS handshake for an IMAP/POP3 connection (CVE-2014-3430).
The updated packages have been patched to correct this issue.
SolutionUpdate the affected packages.