Mandriva Linux Security Advisory : dovecot (MDVSA-2014:099)
Medium Nessus Plugin ID 74077
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA vulnerability has been discovered and corrected in dovecot :
Dovecot 1.1 before 2.2.13 and dovecot-ee before 188.8.131.52 and 2.2.x before 184.108.40.206 does not properly close old connections, which allows remote attackers to cause a denial of service (resource consumption) via an incomplete SSL/TLS handshake for an IMAP/POP3 connection (CVE-2014-3430).
The updated packages have been patched to correct this issue.
SolutionUpdate the affected packages.