Intrusion Prevention

Dovecot.Submission-Login.Service.DoS

Description

This indicates an attack attempt to exploit a Denial of Service Vulnerability in Dovecot.
A remote attacker could exploit this vulnerability by sending an AUTH command, and aborting it before receiving a reply. Successful exploitation will result in the termination of the submission-login process.

Affected Products

Dovecot 2.3.0 through 2.3.5.2

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://dovecot.org/pipermail/dovecot/2019-April/115757.html

CVE References

CVE-2019-11494