Download
| Alert*
oval:org.secpod.oval:def:61479
It was discovered that the lmtpd component of the Cyrus IMAP server created mailboxes with administrator privileges if the "fileinto" was used, bypassing ACL checks. oval:org.secpod.oval:def:67160 cyrus-imapd: An IMAP server Cyrus IMAP Server could be made to overwrite files as the administrator. oval:org.secpod.oval:def:504741 The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and SIEVE support. Security Fix: * cyrus-imapd: privilege escalation in HTTP request * cyrus-imapd: lmtpd component created mailboxes with administrator privileges if the fileinto was used, bypassing ACL checks ... oval:org.secpod.oval:def:67990 The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and SIEVE support. Security Fix: * cyrus-imapd: privilege escalation in HTTP request * cyrus-imapd: lmtpd component created mailboxes with administrator privileges if the quot;fileintoquot; was used, bypassing AC ... oval:org.secpod.oval:def:705686 cyrus-imapd: An IMAP server Cyrus IMAP Server could be made to overwrite files as the administrator. oval:org.secpod.oval:def:604654 It was discovered that the lmtpd component of the Cyrus IMAP server created mailboxes with administrator privileges if the quot;fileintoquot; was used, bypassing ACL checks. oval:org.secpod.oval:def:1504004 [3.0.7-19] - change ownership of pki files [3.0.7-18] - Move old changelog into separate file [3.0.7-17] - Add fix for CVE-2019-19783 - Add fix for CVE-2019-18928 oval:org.secpod.oval:def:69930 It was discovered that the lmtpd component of the Cyrus IMAP server created mailboxes with administrator privileges if the fileinto was used, bypassing ACL checks. oval:org.secpod.oval:def:2500122 The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and SIEVE support. |