Russian Vulnerability Scanner Database

Back to List

CVE-2018-19518

Scores

EPSS

0.939high93.9%
0%20%40%60%80%100%

Percentile: 93.9%

CVSS

8.1high3.x
0246810

CVSS Score: 8.1/10

All CVSS Scores

CVSS 3.x
8.1

Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0
8.5

Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C

Description

University of Washington IMAP Toolkit 2007f on UNIX, as used in imap_open() in PHP and other products, launches an rsh command (by means of the imap_rimap function in c-client/imap4r1.c and the tcp_aopen function in osdep/unix/tcp_unix.c) without preventing argument injection, which might allow remote attackers to execute arbitrary OS commands if the IMAP server name is untrusted input (e.g., entered by a user of a web application) and if rsh has been replaced by a program with different argument semantics. For example, if rsh is a link to ssh (as seen on Debian and Ubuntu systems), then the attack can use an IMAP server name containing a “-oProxyCommand” argument.

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7

Sources

astradebiannvdredhatubuntu

CWEs

CWE-78CWE-88

Related Vulnerabilities

BDU:2019-01271

Exploits

Exploit ID: 45914

Source: exploitdb

URL: https://www.exploit-db.com/exploits/45914

Exploit ID: CVE-2018-19518

Source: github-poc

URL: https://github.com/houqe/EXP_CVE-2018-19518

Vulnerable Software (33)

Type: Configuration

Product: php-imap

Operating System: ubuntu trusty 14.04

Trait: 
{  "fixed": "5.4.6-0ubuntu5.1"}

Source: ubuntu

Type: Configuration

Product: php5

Operating System: ubuntu trusty 14.04

Trait: 
{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: php5

Operating System: debian

Trait: 
{  "unfixed": true}

Source: debian

Type: Configuration

Product: php7

Operating System: altlinux

Trait: 
{  "fixed": "0:7.2.13-alt1"}

Source: redhat

Type: Configuration

Product: php7-devel

Operating System: altlinux

Trait: 
{  "fixed": "0:7.2.13-alt1"}

Source: redhat

Type: Configuration

Product: php7-libs

Operating System: altlinux

Trait: 
{  "fixed": "0:7.2.13-alt1"}

Source: redhat

Type: Configuration

Product: php7-mysqlnd

Operating System: altlinux

Trait: 
{  "fixed": "0:7.2.13-alt1"}

Source: redhat

Type: Configuration

Product: php7.0

Operating System: astra 1.6.3

Trait: 
{  "unaffected": true}

Source: astra

Type: Configuration

Product: php7.0

Operating System: ubuntu xenial 16.04

Trait: 
{  "fixed": "7.0.33-0ubuntu0.16.04.1"}

Source: ubuntu

Type: Configuration

Product: php7.0

Operating System: debian

Trait: 
{  "unfixed": true}

Source: debian

Type: Configuration

Product: php7.2

Operating System: ubuntu bionic 18.04

Trait: 
{  "fixed": "7.2.15-0ubuntu0.18.04.1"}

Source: ubuntu

Type: Configuration

Product: php7.2

Operating System: ubuntu cosmic 18.10

Trait: 
{  "fixed": "7.2.15-0ubuntu0.18.20.1"}

Source: ubuntu

Type: Configuration

Product: php7.2

Operating System: ubuntu disco 19.04

Trait: 
{  "fixed": "7.2.15-0ubuntu2"}

Source: ubuntu

Type: Configuration

Product: php7.2

Operating System: debian

Trait: 
{  "unfixed": true}

Source: debian

Type: Configuration

Product: php7.3

Operating System: ubuntu eoan 19.10

Trait: 
{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: php7.3

Operating System: debian

Trait: 
{  "fixed": "7.3.0-1"}

Source: debian

Type: Configuration

Product: rpm-build-php7-version

Operating System: altlinux

Trait: 
{  "fixed": "0:7.2.13-alt1"}

Source: redhat

Type: Configuration

Product: uw-imap

Operating System: ubuntu bionic 18.04

Trait: 
{  "fixed": "8:2007f~dfsg-5ubuntu0.18.04.2"}

Source: ubuntu

Type: Configuration

Product: uw-imap

Operating System: ubuntu cosmic 18.10

Trait: 
{  "unfixed": true}

Source: ubuntu

Type: Configuration

Product: uw-imap

Operating System: ubuntu impish 21.10

Trait: 
{  "unaffected": true}

Source: ubuntu