OPENSUSE-SU-2024:0319-1 Security update for coredns

This update for coredns fixes the following issues: Update to version 1.11.3: optimize the performance for high qps 6767 bump deps Fix zone parser error handling 6680 Add alternate option to forward plugin 6681 fix: plugin/file: return error when parsing the file fails 6699 fix:documentation...

Oracle Linux 5 : dovecot (ELSA-2009-0205)

The remote Oracle Linux 5 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2009-0205 advisory. - Resolves: 436287, CVE-2008-4870 - Resolves: 469015, CVE-2008-4577 Tenable has extracted the preceding description block directly from the Oracle Linu...

Oracle Linux 5 : dovecot (ELSA-2008-0297)

The remote Oracle Linux 5 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2008-0297 advisory. - LDAP+auth cache user login mixup CVE-2007-6598, 427575 - insecure mailextragroups option CVE-2008-1199, 436927 - update to latest upstream, fixes a f...

SUSE CVE-2008-4577

The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions...

Mandriva Linux Security Advisory : dokuwiki (MDVSA-2015:185)

Updated dokuwiki packages fix security vulnerabilities : inc/template.php in DokuWiki before 2014-05-05a only checks for access to the root namespace, which allows remote attackers to access arbitrary images via a media file details ajax call CVE-2014-8761. The ajaxmediadiff function in DokuWiki...

DEBIAN-CVE-2015-2172

DokuWiki before 2014-05-05d and before 2014-09-29c does not properly check permissions for the ACL plugins, which allows remote authenticated users to gain privileges and add or delete ACL rules via a request to the XMLRPC API...

CVE-2015-2172

DokuWiki before 2014-05-05d and before 2014-09-29c does not properly check permissions for the ACL plugins, which allows remote authenticated users to gain privileges and add or delete ACL rules via a request to the XMLRPC API...

CVE-2015-2172

DokuWiki before 2014-05-05d and before 2014-09-29c does not properly check permissions for the ACL plugins, which allows remote authenticated users to gain privileges and add or delete ACL rules via a request to the XMLRPC API...

CVE-2014-9587

Multiple cross-site request forgery CSRF vulnerabilities in Roundcube Webmail before 1.0.4 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors, related to 1 address book operations or the 2 ACL or 3 Managesieve plugins...

CVE-2014-9587

Multiple cross-site request forgery CSRF vulnerabilities in Roundcube Webmail before 1.0.4 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors, related to 1 address book operations or the 2 ACL or 3 Managesieve plugins...

Ubuntu Update for dovecot vulnerabilities USN-1059-1

Ubuntu Update for Linux kernel vulnerabilities USN-1059-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10591.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for dovecot vulnerabilities USN-1059-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...

CVE-2010-3304

The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs...

CVE-2010-3304

The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs...

CVE-2010-3304

The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs...

Ubuntu: Security Advisory (USN-838-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-838-1: Dovecot vulnerabilities

It was discovered that the ACL plugin in Dovecot would incorrectly handle negative access rights. An attacker could exploit this flaw to access the Dovecot server, bypassing the intended access restrictions. This only affected Ubuntu 8.04 LTS. CVE-2008-4577 It was discovered that the ManageSieve...

Mandriva Linux Security Advisory : dovecot (MDVSA-2008:232)

The ACL plugin in dovecot prior to version 1.1.4 treated negative access rights as though they were positive access rights, which allowed attackers to bypass intended access restrictions CVE-2008-4577. The ACL plugin in dovecot prior to version 1.1.4 allowed attackers to bypass intended access...

Mandriva Update for dovecot MDVSA-2008:232 (dovecot)

Check for the Version of dovecot OpenVAS Vulnerability Test Mandriva Update for dovecot MDVSA-2008:232 dovecot Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

Mandriva Update for dovecot MDVSA-2008:232 (dovecot)

Check for the Version of dovecot OpenVAS Vulnerability Test Mandriva Update for dovecot MDVSA-2008:232 dovecot Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

dovecot security and bug fix update

1.0.7-7 - permissions of deliver and dovecot.conf from 1.0.7-5 reverted - password can be stored in different file readable only for root now - Resolves: 436287, CVE-2008-4870 1.0.7-6 - added missing directory in file list - Resolves: 436287 1.0.7-5 - change permissions of deliver and dovecot.con...