CVE-2019-11500

HIGH

Description

In Dovecot before 2.2.36.4 and 2.3.x before 2.3.7.2 (and Pigeonhole before 0.5.7.2), protocol processing can fail for quoted strings. This occurs because '\0' characters are mishandled, and can lead to out-of-bounds writes and remote code execution.

References

http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00024.html

http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00026.html

http://www.openwall.com/lists/oss-security/2019/08/28/3

https://access.redhat.com/errata/RHSA-2019:2822

https://access.redhat.com/errata/RHSA-2019:2836

https://access.redhat.com/errata/RHSA-2019:2885

https://dovecot.org/pipermail/dovecot-news/2019-August/000417.html

https://lists.debian.org/debian-lts-announce/2019/08/msg00035.html

https://lists.fedoraproject.org/archives/list/[email protected]/message/3GYTZLLDNIFWT7D7JSB25ERJNMOR4CQ3/

https://lists.fedoraproject.org/archives/list/[email protected]/message/KVHY3MU2OK2EWZJFGNDSAOMD42L7DFPX/

https://lists.fedoraproject.org/archives/list/[email protected]/message/YSJVVVRAE3SITC2ZLGCPMFDN3WVYZBWF/

https://security.gentoo.org/glsa/201908-29

https://www.dovecot.org/security.html

Details

Source: MITRE

Published: 2019-08-29

Updated: 2019-09-06

Type: CWE-787

Risk Information

CVSS v2.0

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

CVSS v3.0

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL

Tenable Plugins

View all (29 total)

ID	Name	Product	Family	Severity
131415	NewStart CGSL CORE 5.04 / MAIN 5.04 : dovecot Vulnerability (NS-SA-2019-0220)	Nessus	NewStart CGSL Local Security Checks	high
130847	EulerOS 2.0 SP5 : dovecot (EulerOS-SA-2019-2138)	Nessus	Huawei Local Security Checks	high
130705	EulerOS 2.0 SP3 : dovecot (EulerOS-SA-2019-2243)	Nessus	Huawei Local Security Checks	high
130600	Amazon Linux 2 : dovecot (ALAS-2019-1347)	Nessus	Amazon Linux Local Security Checks	high
129846	Virtuozzo 7 : dovecot / dovecot-devel / dovecot-mysql / etc (VZLSA-2019-2836)	Nessus	Virtuozzo Local Security Checks	high
129709	openSUSE Security Update : dovecot23 (openSUSE-2019-2281)	Nessus	SuSE Local Security Checks	high
129706	openSUSE Security Update : dovecot23 (openSUSE-2019-2278)	Nessus	SuSE Local Security Checks	high
129656	Fedora 31 : 1:dovecot (2019-ea638fb605)	Nessus	Fedora Local Security Checks	high
129554	SUSE SLES15 Security Update : dovecot23 (SUSE-SU-2019:2514-1)	Nessus	SuSE Local Security Checks	high
129472	CentOS 6 : dovecot (CESA-2019:2885)	Nessus	CentOS Local Security Checks	high
129430	EulerOS 2.0 SP8 : dovecot (EulerOS-SA-2019-2071)	Nessus	Huawei Local Security Checks	high
129393	CentOS 7 : dovecot (CESA-2019:2836)	Nessus	CentOS Local Security Checks	high
129350	SUSE SLES12 Security Update : dovecot22 (SUSE-SU-2019:2454-1)	Nessus	SuSE Local Security Checks	high
129328	Oracle Linux 8 : dovecot (ELSA-2019-2822)	Nessus	Oracle Linux Local Security Checks	high
129277	Scientific Linux Security Update : dovecot on SL6.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	high
129276	RHEL 6 : dovecot (RHSA-2019:2885)	Nessus	Red Hat Local Security Checks	high
129264	Oracle Linux 6 : dovecot (ELSA-2019-2885)	Nessus	Oracle Linux Local Security Checks	high
129151	Scientific Linux Security Update : dovecot on SL7.x x86_64	Nessus	Scientific Linux Local Security Checks	high
129148	RHEL 7 : dovecot (RHSA-2019:2836)	Nessus	Red Hat Local Security Checks	high
129139	Oracle Linux 7 : dovecot (ELSA-2019-2836)	Nessus	Oracle Linux Local Security Checks	high
129090	RHEL 8 : dovecot (RHSA-2019:2822)	Nessus	Red Hat Local Security Checks	high
128568	Fedora 29 : 1:dovecot (2019-59d60bd1fa)	Nessus	Fedora Local Security Checks	high
128444	GLSA-201908-29 : Dovecot: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
128434	Fedora 30 : 1:dovecot (2019-3844281be1)	Nessus	Fedora Local Security Checks	high
128393	Debian DLA-1901-1 : dovecot security update	Nessus	Debian Local Security Checks	high
128321	Ubuntu 16.04 LTS / 18.04 LTS / 19.04 : Dovecot regression (USN-4110-3)	Nessus	Ubuntu Local Security Checks	high
128320	Ubuntu 16.04 LTS / 18.04 LTS / 19.04 : dovecot vulnerability (USN-4110-1)	Nessus	Ubuntu Local Security Checks	high
128310	FreeBSD : Dovecot -- improper input validation (abaaecda-ea16-43e2-bad0-d34a9ac576b1)	Nessus	FreeBSD Local Security Checks	high
128307	Debian DSA-4510-1 : dovecot - security update	Nessus	Debian Local Security Checks	high