CVE-2019-11356

Related Files

Ubuntu Security Notice USN-4566-1

Posted Oct 6, 2020

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4566-1 - It was discovered that Cyrus IMAP Server could execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name. An attacker could use this vulnerability to cause a crash or possibly execute arbitrary code. It was discovered that the Cyrus IMAP Server allow users to create any mailbox with administrative privileges. A local attacker could use this to obtain sensitive information. Various other issues were also addressed.

tags | advisory, web, arbitrary, local, imap

systems | linux, ubuntu

advisories | CVE-2019-11356, CVE-2019-19783

SHA-256 | b29e714d866e6ec6075866950847cbd51cb8d46269dd8a4d6182d91d2d346043

Download | Favorite | View

Red Hat Security Advisory 2019-1771-01

Posted Jul 15, 2019

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1771-01 - The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and SIEVE support. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, imap

systems | linux, redhat

advisories | CVE-2019-11356

SHA-256 | e87998711b3290fed1dc7b6c512e4c0700288e9f62ee6edb793843b8447f2f99

Download | Favorite | View

Debian Security Advisory 4458-1

Posted Jun 8, 2019

Authored by Debian | Site debian.org

Debian Linux Security Advisory 4458-1 - A flaw was discovered in the CalDAV feature in httpd of the Cyrus IMAP server, leading to denial of service or potentially the execution of arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name.

tags | advisory, web, denial of service, arbitrary, imap

systems | linux, debian

advisories | CVE-2019-11356

SHA-256 | bc0822b2384f0c38ca48e928b3fb1753ff2fb5dfa57f28c67c529ebd2a6926d6

Download | Favorite | View