CVE-2019-11500 – dovecot: improper NULL byte handling in IMAP and ManageSieve protocol parsers leads to out of bounds writes
https://notcve.org/view.php?id=CVE-2019-11500
In Dovecot before 2.2.36.4 and 2.3.x before 2.3.7.2 (and Pigeonhole before 0.5.7.2), protocol processing can fail for quoted strings. This occurs because '\0' characters are mishandled, and can lead to out-of-bounds writes and remote code execution. En Dovecot versiones anteriores a 2.2.36.4 y versiones 2.3.x anteriores a 2.3.7.2 (y Pigeonhole versiones anteriores a 0.5.7.2), el procesamiento del protocolo puede fallar para cadenas entre comillas. Esto ocurre porque los caracteres '\0' se manejan inapropiadamente y pueden generar escrituras fuera de límites y ejecución de código remota. A flaw was found in dovecot. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00026.html http://www.openwall.com/lists/oss-security/2019/08/28/3 https://access.redhat.com/errata/RHSA-2019:2822 https://access.redhat.com/errata/RHSA-2019:2836 https://access.redhat.com/errata/RHSA-2019:2885 https://dovecot.org/pipermail/dovecot-news/2019-August/000417.html https://lists.debian.org/debian-lts-announce/2019/08/msg00035.html • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVE-2019-11499
https://notcve.org/view.php?id=CVE-2019-11499
In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login component crashes if AUTH PLAIN is attempted over a TLS secured channel with an unacceptable authentication message. En el servidor IMAP en Dovecot versión 2.3.3 hasta la versión 2.3.5.2, el componente de envío de inicio de sesión se bloquea si se intenta AUTH PLAIN sobre un canal seguro TLS con un mensaje de indentidadd no aceptado • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00026.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4XLI55NGRDTGMVOPYFCPPFNPA5VKYSSY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QHFZ5OWRIZGIWZJ5PTNVWWZNLLNH4XYS https://www.dovecot.org/download.html https://www.dovecot.org/security.html •
CVE-2019-11494
https://notcve.org/view.php?id=CVE-2019-11494
In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login service crashes when the client disconnects prematurely during the AUTH command. En el servidor IMAP en Dovecot 2.3.3 a 2.3.5.2, el servicio de submission-login se bloquea cuando el cliente se desconecta prematuramente durante el comando AUTH. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00026.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4XLI55NGRDTGMVOPYFCPPFNPA5VKYSSY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QHFZ5OWRIZGIWZJ5PTNVWWZNLLNH4XYS https://www.dovecot.org/download.html https://www.dovecot.org/security.html • CWE-476: NULL Pointer Dereference •
CVE-2019-10691
https://notcve.org/view.php?id=CVE-2019-10691
The JSON encoder in Dovecot before 2.3.5.2 allows attackers to repeatedly crash the authentication service by attempting to authenticate with an invalid UTF-8 sequence as the username. El codificador JSON en Dovecot versiones anteriores a 2.3.5.2 permite a los atacantes bloquear repetidamente el servicio de autenticación al intentar autenticarse con una secuencia UTF-8 no válida como nombre de usuario. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00000.html http://www.openwall.com/lists/oss-security/2019/04/18/3 https://dovecot.org/list/dovecot-news/2019-April/000406.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QHFZ5OWRIZGIWZJ5PTNVWWZNLLNH4XYS https://security.gentoo.org/glsa/201908-29 •
CVE-2019-7524 – dovecot: Buffer overflow in indexer-worker process results in privilege escalation
https://notcve.org/view.php?id=CVE-2019-7524
In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. This occurs because of missing checks in the fts and pop3-uidl components. En Dovecot, en versiones anteriores a la 2.2.36.3 y en las 2.3.x anteriores a la 2.3.5.1, un atacante local puede provocar un desbordamiento de búfer en el proceso "indexer-worker", que se podría utilizar para elevar a root. Esto ocurre debido a la falta de comprobaciones en los componentes fts y pop3-uidl. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00060.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00067.html http://www.openwall.com/lists/oss-security/2019/03/28/1 http://www.securityfocus.com/bid/107672 https://dovecot.org/list/dovecot-news/2019-March/000403.html https://dovecot.org/security.html https://lists.debian.org/debian-lts-announce/2019/03/msg00038.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.o • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-284: Improper Access Control •