Access Control Bypass

dovecot is vulnerable to access control bypass. A flaw was found in Dovecot's ACL plug-in. The ACL plug-in treated negative access rights as positive rights, which could allow an attacker to bypass intended access restrictions...

Privilege Escalation

dovecot is vulnerable to privilege escalation. A flaw was found in the Dovecot ACL plug-in. User with only insert permissions for a mailbox could use the "COPY" and "APPEND" commands to set additional message flags...

RedHat Security Advisory RHSA-2009:0205

The remote host is missing updates to Dovecot announced in advisory RHSA-2009:0205. A flaw was found in Dovecot's ACL plug-in. The ACL plug-in treated negative access rights as positive rights, which could allow an attacker to bypass intended access restrictions. CVE-2008-4577 A password disclosu...

Low: Red Hat Security Advisory: dovecot security and bug fix update

An updated dovecot package that corrects two security flaws and various bugs is now available for Red Hat Enterprise Linux 5. This update has been rated as having low security impact by the Red Hat Security Response Team. Dovecot is an IMAP server for Linux and UNIX-like systems, primarily writte...