Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2019-7524

Опубликовано: 28 мар. 2019
Источник: debian

Описание

In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. This occurs because of missing checks in the fts and pop3-uidl components.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
dovecotfixed1:2.3.4.1-3package

Примечания

  • https://github.com/dovecot/core/commit/37eeaef1587a3b99be97cb090094de19e374905c

  • https://github.com/dovecot/core/commit/a02c16889f1f3411e9a16b96221c2795d5fdb974

Связанные уязвимости

ubuntu логотип

CVE-2019-7524

CVSS3: 8.8
ubuntu
больше 6 лет назад

In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. This occurs because of missing checks in the fts and pop3-uidl components.

redhat логотип

CVE-2019-7524

CVSS3: 6.5
redhat
больше 6 лет назад

In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. This occurs because of missing checks in the fts and pop3-uidl components.

nvd логотип

CVE-2019-7524

CVSS3: 8.8
nvd
больше 6 лет назад

In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. This occurs because of missing checks in the fts and pop3-uidl components.

suse-cvrf логотип

openSUSE-SU-2019:1212-1

suse-cvrf
больше 6 лет назад

Security update for dovecot23

suse-cvrf логотип

SUSE-SU-2019:0876-1

suse-cvrf
больше 6 лет назад

Security update for dovecot23