Lucene search
K

17 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2019-19783

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8. If sieve script uploading is allowed 3.x or certain non-defau...

6.5CVSS6.7AI score0.01655EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.17 views

RHEL 7 : cyrus-imapd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cyrus-imapd: Out of bounds heap read in indexurlfetch CVE-2015-8076 - cyrus-imapd: lmtpd component create...

6.5CVSS7AI score0.03261EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.19 views

Mageia: Security Advisory (MGASA-2020-0010)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.01655EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2020/11/04 1:25 a.m.35 views

Moderate: Red Hat Security Advisory: cyrus-imapd security update

An update for cyrus-imapd is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

9.8CVSS6.8AI score0.02392EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2020/11/04 12:0 a.m.25 views

RHEL 8 : cyrus-imapd (RHSA-2020:4655)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4655 advisory. The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and SIEVE support. Security Fixes: cyrus-imapd:...

9.8CVSS7.2AI score0.02392EPSS
Exploits0References10
AlmaLinux
AlmaLinux
added 2020/11/03 12:24 p.m.24 views

Moderate: cyrus-imapd security update

The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and SIEVE support. Security Fixes: cyrus-imapd: privilege escalation in HTTP request CVE-2019-18928 cyrus-imapd: lmtpd component created mailboxes with administrator privileges if the "fileinto" was used,...

7.5CVSS0.6AI score0.02392EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/10/07 12:0 a.m.19 views

Ubuntu: Security Advisory (USN-4566-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.2AI score0.07622EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2020/10/05 5:25 p.m.75 views

USN-4566-1: Cyrus IMAP Server vulnerabilities

It was dicovered that Cyrus IMAP Server could execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name. An attacker could use this vulnerability to cause a crash or possibly execute arbitrary code. CVE-2019-11356 It was discovered that the Cyrus IMA...

9.8CVSS7.5AI score0.07622EPSS
Exploits0
ALT Linux
ALT Linux
added 2020/01/10 12:0 a.m.21 views

Security fix for the ALT Linux 8 package cyrus-imapd version 2.5.15-alt0.M80P.1

2.5.15-alt0.M80P.1 built Jan. 10, 2020 Sergey Y. Afonin in task 243774 Jan. 2, 2020 Sergey Y. Afonin - 2.5.15 fixes: CVE-2019-19783...

3.5CVSS6.8AI score0.01655EPSS
Exploits0
ALT Linux
ALT Linux
added 2020/01/10 12:0 a.m.26 views

Security fix for the ALT Linux 9 package cyrus-imapd version 3.0.13-alt1

3.0.13-alt1 built Jan. 10, 2020 Sergey Y. Afonin in task 243772 Jan. 1, 2020 Sergey Y. Afonin - 3.0.13 fixes: CVE-2019-19783...

3.5CVSS6.8AI score0.01655EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/01/06 12:0 a.m.36 views

Fedora 30 : cyrus-imapd (2019-7938c21723)

Update to new upstream version 3.0.13, which includes a fix for CVE-2019-19783 and other minor fixes. Release notes: https://www.cyrusimap.org/imap/download/release-notes/3.0/x/3.0.13.htm l Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

6.5CVSS6.8AI score0.01655EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/01/06 12:0 a.m.39 views

Fedora 31 : cyrus-imapd (2019-ad23a4522d)

Update to new upstream version 3.0.13, which includes a fix for CVE-2019-19783 and other minor fixes. Release notes: https://www.cyrusimap.org/imap/download/release-notes/3.0/x/3.0.13.htm l Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

6.5CVSS6.8AI score0.01655EPSS
Exploits0References3
Mageia
Mageia
added 2020/01/05 3:37 p.m.30 views

Updated cyrus-imapd packages fix security vulnerability

Updated cyrus-imapd packages fix security vulnerability: It was discovered that the lmtpd component of the Cyrus IMAP server created mailboxes with administrator privileges if the "fileinto" was used, bypassing ACL checks CVE-2019-19783...

6.5CVSS1.7AI score0.01655EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2019/12/20 12:0 a.m.37 views

Debian DSA-4590-1 : cyrus-imapd - security update

It was discovered that the lmtpd component of the Cyrus IMAP server created mailboxes with administrator privileges if the 'fileinto' was used, bypassing ACL checks. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisor...

6.5CVSS6.8AI score0.01655EPSS
Exploits0References5
Debian
Debian
added 2019/12/19 10:54 p.m.113 views

[SECURITY] [DSA 4590-1] cyrus-imapd security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4590-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 19, 2019 https://www.debian.org/security/faq -...

6.5CVSS6.7AI score0.01655EPSS
Exploits0
NVD
NVD
added 2019/12/16 2:15 p.m.15 views

CVE-2019-19783

An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8. If sieve script uploading is allowed 3.x or certain non-default sieve options are enabled 2.x, a user with a mail account on the service can use a sieve script containing a fileinto directive to...

6.5CVSS6.6AI score0.01655EPSS
Exploits0References8
CVE
CVE
added 2019/12/16 1:6 p.m.114 views

CVE-2019-19783

CVE-2019-19783 affects Cyrus IMAP (cyrus-imapd) where the lmtpd sieve handling could allow a user to create a mailbox with administrator privileges via a fileinto directive, due to folder handling in autosieve_createfolder() in imap/lmtp_sieve.c. Affected: 2.5.x (before 2.5.15), 3.0.x (before 3.0...

6.5CVSS6.3AI score0.01655EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder