Displaying 1 result from an estimated 1 matches for "09999999999u".
Did you mean:
09999999999
2017 Apr 11
0
CVE-2017-2669: Dovecot DoS when passdb dict was used for authentication
...nt was sent through var_expand() to perform %variable
expansion. Sending specially crafted %variable fields could result in
excessive memory usage causing the process to crash (and restart), or
excessive CPU usage causing all authentications to hang.
Excessive memory usage could be done with e.g. %09999999999u as the
username. Because by default Dovecot limits the auth process's VSZ and
exits on any memory allocation failure, the auth process typically dies
afterwards and is immediately restarted. This may result in some user
authentications getting temporary internal failures.
Excessive CPU usage c...