10 matches found
SUSE CVE-2010-3706
plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving t...
openSUSE Security Update : dovecot12 (openSUSE-SU-2010:0923-1)
dovecot granted admin rights to all owner mailboxes CVE-2010-3706. When using multiple ACL entries for mailboxes the most specific one was not always applied CVE-2010-3707. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
Ubuntu: Security Advisory (USN-1059-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mandriva Update for dovecot MDVSA-2010:217 (dovecot)
Check for the Version of dovecot OpenVAS Vulnerability Test Mandriva Update for dovecot MDVSA-2010:217 dovecot Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
openSUSE Security Update : dovecot12 (openSUSE-SU-2010:0923-1)
dovecot granted admin rights to all owner mailboxes CVE-2010-3706. When using multiple ACL entries for mailboxes the most specific one was not always applied CVE-2010-3707. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
BSA-006 Security Update for dovecot
Marco Nenciarini uploaded new packages for dovecot which fixed the following security problems: CVE-2010-3706 plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instea...
BSA-006 Security Update for dovecot
Marco Nenciarini uploaded new packages for dovecot which fixed the following security problems: CVE-2010-3706 plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instea...
CVE-2010-3706
plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving t...
CVE-2010-3706
CVE-2010-3706 affects Dovecot 1.2.x (before 1.2.15) and 2.0.x (before 2.0.5). The ACL plugin can interpret an ACL entry as adding to permissions rather than replacing them in certain private-user namespace scenarios, enabling remote authenticated users to bypass intended mailbox access restrictio...
CVE-2010-3706
plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving t...