VYPR
Medium severity5.9NVD Advisory· Published Sep 19, 2017· Updated Jun 17, 2026

CVE-2015-3420

CVE-2015-3420

Description

The ssl-proxy-openssl.c function in Dovecot before 2.2.17, when SSLv3 is disabled, allow remote attackers to cause a denial of service (login process crash) via vectors related to handshake failures.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*range: <=2.2.16
    • (no CPE)range: <2.2.17
  • cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
    • cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
    • cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.