Lucene search
FreeBSD3EFC106E-C451-11DD-A721-0030843D3802HistoryNov 18, 2008 - 12:00 a.m.
dovecot-managesieve -- Script Name Directory Traversal Vulnerability
2008-11-1800:00:00
vuxml.freebsd.org
10
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.006 Low
EPSS
Percentile
77.5%
Secunia reports:
The security issue is caused due to an input validation error when
processing script names. This can be exploited to read or modify
arbitrary files having “.sieve” extensions via directory traversal
attacks, with the privileges of the attacker’s user id.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| FreeBSD | any | noarch | dovecot-managesieve | < 0.10.4 | UNKNOWN |
Related
debiancve
debiancve
CVE-2008-5301
2008-12-01 17:30:00
openvas
openvas
FreeBSD Ports: dovecot-managesieve
2008-12-10 00:00:00
FreeBSD Ports: dovecot-managesieve
2008-12-10 00:00:00
Ubuntu USN-838-1 (dovecot)
2009-10-06 00:00:00
prion
prion
Directory traversal
2008-12-01 17:30:00
ubuntucve
ubuntucve
CVE-2008-5301
2008-12-01 00:00:00
nessus
nessus
cve
cve
CVE-2008-5301
2008-12-01 17:30:00
ubuntu
ubuntu
Dovecot vulnerabilities
2009-09-28 00:00:00
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.006 Low
EPSS
Percentile
77.5%
Related for 3EFC106E-C451-11DD-A721-0030843D3802