Bug 28136

Summary: cyrus-imapd new security issue CVE-2017-14230
Product: Mageia Reporter: Zombie Ryushu <zombie_ryushu>
Component: SecurityAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED INVALID QA Contact: Sec team <security>
Severity: normal    
Priority: Normal    
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA7TOO
Source RPM: cyrus-imapd-2.5.15-3.mga8.src.rpm CVE: CVE-2017-14230
Status comment:

Description Zombie Ryushu 2021-01-17 11:33:16 CET 
An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8. If sieve script uploading is allowed (3.x) or certain non-default sieve options are enabled (2.x), a user with a mail account on the service can use a sieve script containing a fileinto directive to create any mailbox with administrator privileges, because of folder mishandling in autosieve_createfolder() in imap/lmtp_sieve.c.

In the mboxlist_do_find function in imap/mboxlist.c in Cyrus IMAP before 3.0.4, an off-by-one error in prefix calculation for the LIST command caused use of uninitialized memory, which might allow remote attackers to obtain sensitive information or cause a denial of service (daemon crash) via a 'LIST "" "Other Users"' command.
Zombie Ryushu 2021-01-17 11:33:37 CET

Source RPM: cyrus-imapd-2.5.15-3.mga8.src => cyrus-imapd-2.5.15-3.mga8.src.rpm
CVE: (none) => CVE-2019-19783 CVE-2017-14230

Comment 1 David Walser 2021-01-17 17:33:41 CET 
CVE-2019-19783 was already FIXED in Bug 25913.

CVE-2017-14230 was examined for 2.5 here:
https://github.com/cyrusimap/cyrus-imapd/issues/3241

and determined to be INVALID.

Status: NEW => RESOLVED
CVE: CVE-2019-19783 CVE-2017-14230 => CVE-2017-14230
Whiteboard: (none) => MGA7TOO
Summary: cyrus-imapd security issue CVE-2019-19783 CVE-2017-14230 => cyrus-imapd new security issue CVE-2017-14230
URL: https://nvd.nist.gov/vuln/detail/CVE-2019-19783 => (none)
Resolution: (none) => INVALID