Language:
https://lists.debian.org/debian-lts-announce/2021/01/msg00005.html
https://packages.debian.org/source/stretch/dovecot
https://security-tracker.debian.org/tracker/source-package/dovecot
Severity: Medium
ID: 144758
File Name: debian_DLA-2517.nasl
Version: 1.3
Type: local
Agent: unix
Family: Debian Local Security Checks
Published: 1/6/2021
Updated: 10/14/2022
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus
Risk Factor: Medium
Score: 5.2
Risk Factor: Medium
Base Score: 4.9
Temporal Score: 3.6
Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:N
CVSS Score Source: CVE-2020-24386
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5.9
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
CPE: p-cpe:/a:debian:debian_linux:dovecot-dbg, p-cpe:/a:debian:debian_linux:dovecot-lmtpd, p-cpe:/a:debian:debian_linux:dovecot-pgsql, p-cpe:/a:debian:debian_linux:dovecot-sqlite, p-cpe:/a:debian:debian_linux:dovecot-pop3d, p-cpe:/a:debian:debian_linux:dovecot-gssapi, p-cpe:/a:debian:debian_linux:dovecot-lucene, p-cpe:/a:debian:debian_linux:dovecot-managesieved, p-cpe:/a:debian:debian_linux:dovecot-sieve, cpe:/o:debian:debian_linux:9.0, p-cpe:/a:debian:debian_linux:dovecot-dev, p-cpe:/a:debian:debian_linux:dovecot-core, p-cpe:/a:debian:debian_linux:dovecot-ldap, p-cpe:/a:debian:debian_linux:dovecot-mysql, p-cpe:/a:debian:debian_linux:dovecot-imapd, p-cpe:/a:debian:debian_linux:dovecot-solr
Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l
Exploit Ease: No known exploits are available
Patch Publication Date: 1/5/2021
Vulnerability Publication Date: 1/4/2021
CVE: CVE-2020-24386, CVE-2020-25275