CVE-2006-2414

2006-05-1610:02:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

0.007

Percentile

80.6%

JSON

Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via “…” sequences in the (1) LIST or (2) DELETE IMAP command.

Affected configurations

Nvd

Node

timo_sirainendovecotMatch1.0

timo_sirainendovecotMatch1.0_beta2

timo_sirainendovecotMatch1.0_beta3

timo_sirainendovecotMatch1.0_beta7

VendorProductVersionCPE
timo_sirainendovecot1.0cpe:2.3:a:timo_sirainen:dovecot:1.0:*:*:*:*:*:*:*
timo_sirainendovecot1.0_beta2cpe:2.3:a:timo_sirainen:dovecot:1.0_beta2:*:*:*:*:*:*:*
timo_sirainendovecot1.0_beta3cpe:2.3:a:timo_sirainen:dovecot:1.0_beta3:*:*:*:*:*:*:*
timo_sirainendovecot1.0_beta7cpe:2.3:a:timo_sirainen:dovecot:1.0_beta7:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
timo_sirainen	dovecot	1.0	cpe:2.3:a:timo_sirainen:dovecot:1.0:::::::*
timo_sirainen	dovecot	1.0_beta2	cpe:2.3:a:timo_sirainen:dovecot:1.0_beta2:::::::*
timo_sirainen	dovecot	1.0_beta3	cpe:2.3:a:timo_sirainen:dovecot:1.0_beta3:::::::*
timo_sirainen	dovecot	1.0_beta7	cpe:2.3:a:timo_sirainen:dovecot:1.0_beta7:::::::*