28 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-7524
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to...
RHEL 6 : dovecot (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dovecot: Buffer overflow in indexer-worker process results in privilege escalation CVE-2019-7524 - A...
SUSE: Security Advisory (SUSE-SU-2019:0876-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL CORE 5.05 / MAIN 5.05 : dovecot Multiple Vulnerabilities (NS-SA-2020-0105)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has dovecot packages installed that are affected by multiple vulnerabilities: - In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used ...
NewStart CGSL CORE 5.04 / MAIN 5.04 : dovecot Multiple Vulnerabilities (NS-SA-2020-0071)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has dovecot packages installed that are affected by multiple vulnerabilities: - In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used ...
Medium: dovecot
Issue Overview: In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. This occurs because of missing checks in the fts and pop3-uidl components. CVE-2019-7524 It was discovered that...
Amazon Linux AMI : dovecot (ALAS-2020-1363)
The version of dovecot installed on the remote host is prior to 2.2.36-6.19. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1363 advisory. In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker...
Medium: dovecot
Issue Overview: In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. This occurs because of missing checks in the fts and pop3-uidl components. CVE-2019-7524 It was discovered that...
Scientific Linux Security Update : dovecot on SL7.x x86_64 (20200407)
dovecot: Improper certificate validation dovecot: Buffer overflow in indexer-worker process results in privilege escalation C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid135805; scriptversion"1.3";...
CentOS 7 : dovecot (RHSA-2020:1062)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1062 advisory. - It was discovered that Dovecot before versions 2.2.36.1 and 2.3.4.1 incorrectly handled client certificates. A remote attacker in possession of a val...
dovecot security and bug fix update
1:2.2.36-6 - fix CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes 1741787 1:2.2.36-5 - fix CVE-2019-3814: improper certificate validation 1674369 - fix CVE-2019-7524: buffer overflow in...
Moderate: Red Hat Security Advisory: dovecot security and bug fix update
An update for dovecot is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
Huawei EulerOS: Security Advisory for dovecot (EulerOS-SA-2019-1644)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for dovecot (EulerOS-SA-2019-1569)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 30 : 1:dovecot (2019-9e004decea)
dovecot updated to 2.3.6, includes several security fixes Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
openSUSE Security Update : dovecot22 (openSUSE-2019-1220)
This update for dovecot22 fixes the following issues : Security issues fixed : - CVE-2019-7524: Fixed an improper file handling which could result in stack overflow allowing local root escalation bsc1130116. - CVE-2019-3814: Fixed a vulnerability related to SSL client certificate authentication...
GLSA-201904-19 : Dovecot: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201904-19 Dovecot: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Dovecot. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for detail...
openSUSE: Security Advisory for dovecot22 (openSUSE-SU-2019:1220-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : dovecot23 (openSUSE-2019-1212)
This update for dovecot23 fixes the following issue : Security issue fixed : - CVE-2019-7524: Fixed an improper file handling which could result in stack oveflow allowing local root escalation bsc1130116. This update was imported from the SUSE:SLE-15:Update update project. %NASLMINLEVEL 70300 C...
openSUSE: Security Advisory for dovecot23 (openSUSE-SU-2019:1212-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...