5 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-19783
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8. If sieve script uploading is allowed 3.x or certain non-defau...
USN-4566-1: Cyrus IMAP Server vulnerabilities
It was dicovered that Cyrus IMAP Server could execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name. An attacker could use this vulnerability to cause a crash or possibly execute arbitrary code. CVE-2019-11356 It was discovered that the Cyrus IMA...
Ubuntu 18.04 LTS : Cyrus IMAP Server vulnerabilities (USN-4566-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4566-1 advisory. It was dicovered that Cyrus IMAP Server could execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name. A...
CVE-2019-19783
An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8. If sieve script uploading is allowed 3.x or certain non-default sieve options are enabled 2.x, a user with a mail account on the service can use a sieve script containing a fileinto directive to...
CVE-2008-4578
The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes...