DSA-4418 dovecot - security update
|
Información sobre el sistema
|
|
|
Software afectado |
Debian |
Descripción
|
A vulnerability was discovered in the Dovecot email server. When readingFTS or POP3-UIDL headers from the Dovecot index, the input buffer sizeis not bounds-checked. An attacker with the ability to modify dovecotindexes, can take advantage of this flaw for privilege escalation or theexecution of arbitrary code with the permissions of the dovecot user.Only installations using the FTS or pop3 migration plugins are affected.
More info:
https://www.debian.org/security/2019/dsa-4418 |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2019-7524 and DSA-4418. |