15 matches found
SUSE CVE-2019-7524
In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. This occurs because of missing checks in the fts and pop3-uidl components...
NewStart CGSL CORE 5.05 / MAIN 5.05 : dovecot Multiple Vulnerabilities (NS-SA-2020-0105)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has dovecot packages installed that are affected by multiple vulnerabilities: - In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used ...
NewStart CGSL CORE 5.04 / MAIN 5.04 : dovecot Multiple Vulnerabilities (NS-SA-2020-0071)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has dovecot packages installed that are affected by multiple vulnerabilities: - In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used ...
Amazon Linux AMI : dovecot (ALAS-2020-1363)
The version of dovecot installed on the remote host is prior to 2.2.36-6.19. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1363 advisory. In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker...
The vulnerability of the Dovecot mail server, related to the execution of operations beyond buffer boundaries in memory, allows attackers to increase their privileges.
The vulnerability of the Dovecot mail server stems from the lack of checks for buffer sizes during the reading of FTS headers or POP3-UIDL from the Dovecot pointer. Exploiting this vulnerability can allow an attacker to increase their privileges...
FreeBSD : dovecot -- Buffer overflow reading extension header (7862213c-5152-11e9-8b26-a4badb296695)
Aki Tuomi reports : Vulnerability Details : When reading FTS or POP3-UIDL header from dovecot index, the input buffer size is not bound, and data is copied to target structure causing stack overflow. Risk : This can be used for local root privilege escalation or executing arbitrary code in doveco...
CVE-2019-7524
In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. This occurs because of missing checks in the fts and pop3-uidl components...
Buffer overflow
In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. This occurs because of missing checks in the fts and pop3-uidl components...
CVE-2019-7524
In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. This occurs because of missing checks in the fts and pop3-uidl components...
CVE-2019-7524
In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. This occurs because of missing checks in the fts and pop3-uidl components...
CVE-2019-7524
In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. This occurs because of missing checks in the fts and pop3-uidl components...
CVE-2019-7524
In CVE-2019-7524, Dovecot before 2.2.36.3 and before 2.3.5.1 for the 2.3.x line, suffers a local buffer overflow in the indexer-worker due to missing checks in fts and pop3-uidl. This can enable local privilege escalation to root. Affected products include Dovecot IMAP/POP3 servers on various Lin...
CVE-2010-1167
fetchmail 4.6.3 through 6.3.16, when debug mode is enabled, does not properly handle invalid characters in a multi-character locale, which allows remote attackers to cause a denial of service memory consumption and application crash via a crafted 1 message header or 2 POP3 UIDL list...
Code injection
fetchmail 4.6.3 through 6.3.16, when debug mode is enabled, does not properly handle invalid characters in a multi-character locale, which allows remote attackers to cause a denial of service memory consumption and application crash via a crafted 1 message header or 2 POP3 UIDL list...
Fetchmail buffer overflow
Buffer overflow on oversized POP3 UIDL reply...