Dovecot LIST Command mbox Directory File Disclosure

2006-05-12T03:36:18
ID OSVDB:25727
Type osvdb
Reporter OSVDB
Modified 2006-05-12T03:36:18

Description

Solution Description

Upgrade to version 1.0.rc1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://www.dovecot.org/ Secunia Advisory ID:20315 Secunia Advisory ID:20308 Other Advisory URL: http://www.dovecot.org/list/dovecot-news/2006-May/000006.html Other Advisory URL: http://www.us.debian.org/security/2006/dsa-1080 Mail List Post: http://www.dovecot.org/list/dovecot/2006-May/013386.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-05/0245.html Mail List Post: http://www.dovecot.org/list/dovecot/2006-May/013385.html ISS X-Force ID: 26536 CVE-2006-2414 Bugtraq ID: 17961