CVE-2019-11500

critical
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

In Dovecot before 2.2.36.4 and 2.3.x before 2.3.7.2 (and Pigeonhole before 0.5.7.2), protocol processing can fail for quoted strings. This occurs because '\0' characters are mishandled, and can lead to out-of-bounds writes and remote code execution.

References

http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00024.html

http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00026.html

http://www.openwall.com/lists/oss-security/2019/08/28/3

https://access.redhat.com/errata/RHSA-2019:2822

https://access.redhat.com/errata/RHSA-2019:2836

https://access.redhat.com/errata/RHSA-2019:2885

https://dovecot.org/pipermail/dovecot-news/2019-August/000417.html

https://lists.debian.org/debian-lts-announce/2019/08/msg00035.html

https://lists.fedoraproject.org/archives/list/[email protected]/message/3GYTZLLDNIFWT7D7JSB25ERJNMOR4CQ3/

https://lists.fedoraproject.org/archives/list/[email protected]/message/KVHY3MU2OK2EWZJFGNDSAOMD42L7DFPX/

https://lists.fedoraproject.org/archives/list/[email protected]/message/YSJVVVRAE3SITC2ZLGCPMFDN3WVYZBWF/

https://security.gentoo.org/glsa/201908-29

https://www.dovecot.org/security.html

Details

Source: MITRE

Published: 2019-08-29

Updated: 2019-09-06

Type: CWE-787

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*

cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*

cpe:2.3:a:dovecot:pigeonhole:*:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*

Tenable Plugins

View all (34 total)

IDNameProductFamilySeverity
145617CentOS 8 : dovecot (CESA-2019:2822)NessusCentOS Local Security Checks
critical
134314NewStart CGSL MAIN 4.05 : dovecot Vulnerability (NS-SA-2020-0020)NessusNewStart CGSL Local Security Checks
critical
132485NewStart CGSL CORE 5.05 / MAIN 5.05 : dovecot Vulnerability (NS-SA-2019-0244)NessusNewStart CGSL Local Security Checks
critical
131864EulerOS 2.0 SP2 : dovecot (EulerOS-SA-2019-2372)NessusHuawei Local Security Checks
critical
131770NewStart CGSL MAIN 4.06 : dovecot Vulnerability (NS-SA-2019-0211)NessusNewStart CGSL Local Security Checks
critical
131415NewStart CGSL CORE 5.04 / MAIN 5.04 : dovecot Vulnerability (NS-SA-2019-0220)NessusNewStart CGSL Local Security Checks
critical
130847EulerOS 2.0 SP5 : dovecot (EulerOS-SA-2019-2138)NessusHuawei Local Security Checks
critical
130705EulerOS 2.0 SP3 : dovecot (EulerOS-SA-2019-2243)NessusHuawei Local Security Checks
critical
130600Amazon Linux 2 : dovecot (ALAS-2019-1347)NessusAmazon Linux Local Security Checks
critical
129846Virtuozzo 7 : dovecot / dovecot-devel / dovecot-mysql / etc (VZLSA-2019-2836)NessusVirtuozzo Local Security Checks
critical
129709openSUSE Security Update : dovecot23 (openSUSE-2019-2281)NessusSuSE Local Security Checks
critical
129706openSUSE Security Update : dovecot23 (openSUSE-2019-2278)NessusSuSE Local Security Checks
critical
129656Fedora 31 : 1:dovecot (2019-ea638fb605)NessusFedora Local Security Checks
critical
129554SUSE SLES15 Security Update : dovecot23 (SUSE-SU-2019:2514-1)NessusSuSE Local Security Checks
critical
129472CentOS 6 : dovecot (CESA-2019:2885)NessusCentOS Local Security Checks
critical
129430EulerOS 2.0 SP8 : dovecot (EulerOS-SA-2019-2071)NessusHuawei Local Security Checks
critical
129393CentOS 7 : dovecot (CESA-2019:2836)NessusCentOS Local Security Checks
critical
129350SUSE SLES12 Security Update : dovecot22 (SUSE-SU-2019:2454-1)NessusSuSE Local Security Checks
critical
129328Oracle Linux 8 : dovecot (ELSA-2019-2822)NessusOracle Linux Local Security Checks
critical
129277Scientific Linux Security Update : dovecot on SL6.x i386/x86_64 (20190923)NessusScientific Linux Local Security Checks
critical
129276RHEL 6 : dovecot (RHSA-2019:2885)NessusRed Hat Local Security Checks
critical
129264Oracle Linux 6 : dovecot (ELSA-2019-2885)NessusOracle Linux Local Security Checks
critical
129151Scientific Linux Security Update : dovecot on SL7.x x86_64 (20190920)NessusScientific Linux Local Security Checks
critical
129148RHEL 7 : dovecot (RHSA-2019:2836)NessusRed Hat Local Security Checks
critical
129139Oracle Linux 7 : dovecot (ELSA-2019-2836)NessusOracle Linux Local Security Checks
critical
129090RHEL 8 : dovecot (RHSA-2019:2822)NessusRed Hat Local Security Checks
critical
128568Fedora 29 : 1:dovecot (2019-59d60bd1fa)NessusFedora Local Security Checks
critical
128444GLSA-201908-29 : Dovecot: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
128434Fedora 30 : 1:dovecot (2019-3844281be1)NessusFedora Local Security Checks
critical
128393Debian DLA-1901-1 : dovecot security updateNessusDebian Local Security Checks
critical
128321Ubuntu 16.04 LTS / 18.04 LTS / 19.04 : Dovecot regression (USN-4110-3)NessusUbuntu Local Security Checks
critical
128320Ubuntu 16.04 LTS / 18.04 LTS / 19.04 : Dovecot vulnerability (USN-4110-1)NessusUbuntu Local Security Checks
critical
128310FreeBSD : Dovecot -- improper input validation (abaaecda-ea16-43e2-bad0-d34a9ac576b1)NessusFreeBSD Local Security Checks
critical
128307Debian DSA-4510-1 : dovecot - security updateNessusDebian Local Security Checks
critical