51 matches found
MiracleLinux 4 : dovecot-2.0.9-22.AXS4.1 (AXSA:2019-4315:01)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-4315:01 advisory. dovecot: improper NULL byte handling in IMAP and ManageSieve protocol parsers leads to out of bounds writes CVE-2019-11500 Tenable has extracted the precedin...
MiracleLinux 7 : dovecot-2.2.36-3.el7.1 (AXSA:2019-4341:02)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-4341:02 advisory. dovecot: improper NULL byte handling in IMAP and ManageSieve protocol parsers leads to out of bounds writes CVE-2019-11500 Tenable has extracted the precedin...
TencentOS Server 3: dovecot (TSSA-2023:0159)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0159 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Ubuntu: Security Advisory (USN-4110-4)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:2514-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:2454-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 8 : dovecot (CESA-2019:2822)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2019:2822 advisory. - dovecot: improper NULL byte handling in IMAP and ManageSieve protocol parsers leads to out of bounds writes CVE-2019-11500 Note that Nessus has not tested for...
dovecot security and bug fix update
1:2.2.36-6 - fix CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes 1741787 1:2.2.36-5 - fix CVE-2019-3814: improper certificate validation 1674369 - fix CVE-2019-7524: buffer overflow in...
Dovecot And Pigeonhole Remote Code Execution (CVE-2019-11500)
A remote code execution vulnerability exists in Dovecot and Pigeonhole. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Huawei EulerOS: Security Advisory for dovecot (EulerOS-SA-2019-2243)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for dovecot (EulerOS-SA-2019-2071)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for dovecot23 (openSUSE-SU-2019:2281-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora Update for dovecot FEDORA-2019-ea638fb605
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
NewStart CGSL CORE 5.05 / MAIN 5.05 : dovecot Vulnerability (NS-SA-2019-0244)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has dovecot packages installed that are affected by a vulnerability: - In Dovecot before 2.2.36.4 and 2.3.x before 2.3.7.2 and Pigeonhole before 0.5.7.2, protocol processing can fail for quoted strings. This occurs because '\0'...
NewStart CGSL MAIN 4.06 : dovecot Vulnerability (NS-SA-2019-0211)
The remote NewStart CGSL host, running version MAIN 4.06, has dovecot packages installed that are affected by a vulnerability: - In Dovecot before 2.2.36.4 and 2.3.x before 2.3.7.2 and Pigeonhole before 0.5.7.2, protocol processing can fail for quoted strings. This occurs because '\0' characters...
dovecot security and bug fix update
1:2.2.36-10 - fix CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes 1741788 1:2.2.36-9 - reset errno before iterating through users 1630410 1:2.2.36-8 - fix CVE-2019-3814: improper certificate...
EulerOS 2.0 SP5 : dovecot (EulerOS-SA-2019-2138)
According to the versions of the dovecot packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Dovecot before 2.2.36.4 and 2.3.x before 2.3.7.2 and Pigeonhole before 0.5.7.2, protocol processing can fail for quoted strings. This occurs...
EulerOS 2.0 SP3 : dovecot (EulerOS-SA-2019-2243)
According to the version of the dovecot packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In Dovecot before 2.2.36.4 and 2.3.x before 2.3.7.2 and Pigeonhole before 0.5.7.2, protocol processing can fail for quoted strings. This occurs...
Amazon Linux 2 : dovecot (ALAS-2019-1347)
In Dovecot before 2.2.36.4 and 2.3.x before 2.3.7.2 and Pigeonhole before 0.5.7.2, protocol processing can fail for quoted strings. This occurs because '\0' characters are mishandled, and can lead to out-of-bounds writes and remote code execution.CVE-2019-11500 C Tenable Network Security, Inc. Th...
Virtuozzo 7 : dovecot / dovecot-devel / dovecot-mysql / etc (VZLSA-2019-2836)
An update for dovecot is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...