Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-5301HistoryDec 01, 2008 - 5:30 p.m.
CVE-2008-5301
2008-12-0117:30:00
Debian Security Bug Tracker
security-tracker.debian.org
7
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.006 Low
EPSS
Percentile
77.5%
Directory traversal vulnerability in the ManageSieve implementation in Dovecot 1.0.15, 1.1, and 1.2 allows remote attackers to read and modify arbitrary .sieve files via a “…” (dot dot) in a script name.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | dovecot | < 1:1.0.15-2.3 | dovecot_1:1.0.15-2.3_all.deb |
| Debian | 11 | all | dovecot | < 1:1.0.15-2.3 | dovecot_1:1.0.15-2.3_all.deb |
| Debian | 10 | all | dovecot | < 1:1.0.15-2.3 | dovecot_1:1.0.15-2.3_all.deb |
| Debian | 999 | all | dovecot | < 1:1.0.15-2.3 | dovecot_1:1.0.15-2.3_all.deb |
Related
openvas
openvas
FreeBSD Ports: dovecot-managesieve
2008-12-10 00:00:00
FreeBSD Ports: dovecot-managesieve
2008-12-10 00:00:00
Ubuntu USN-838-1 (dovecot)
2009-10-06 00:00:00
prion
prion
Directory traversal
2008-12-01 17:30:00
ubuntucve
ubuntucve
CVE-2008-5301
2008-12-01 00:00:00
nessus
nessus
cve
cve
CVE-2008-5301
2008-12-01 17:30:00
freebsd
freebsd
dovecot-managesieve -- Script Name Directory Traversal Vulnerability
2008-11-18 00:00:00
ubuntu
ubuntu
Dovecot vulnerabilities
2009-09-28 00:00:00
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.006 Low
EPSS
Percentile
77.5%
Related for DEBIANCVE:CVE-2008-5301