vulnerability
FreeBSD: VID-7862213c-5152-11e9-8b26-a4badb296695 (CVE-2019-7524): dovecot -- Buffer overflow reading extension header
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:N/C:C/I:C/A:C) | Mar 28, 2019 | Apr 1, 2019 | Dec 10, 2025 |
Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
Mar 28, 2019
Added
Apr 1, 2019
Modified
Dec 10, 2025
Description
Aki Tuomi reports: Vulnerability Details: When reading FTS or POP3-UIDL header from dovecot index, the input buffer size is not bound, and data is copied to target structure causing stack overflow. Risk: This can be used for local root privilege escalation or executing arbitrary code in dovecot process context. This requires ability to directly modify dovecot indexes. Steps to reproduce: Produce dovecot.index.log entry that creates an FTS header which has more than 12 bytes of data. Trigger dovecot indexer-worker or run doveadm index. Dovecot will crash. Mitigations: Since 2.3.0 dovecot has been compiled with stack smash protection, ASLR, read-only GOT tables and other techniques that make exploiting this bug much harder.
Solution
freebsd-upgrade-package-dovecot
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.