Lucene search
K

47 matches found

RedHat Linux
RedHat Linux
added 2009/01/20 3:45 p.m.4 views

dovecot: incorrect handling of negative rights in the ACL plugin

The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions...

7.5CVSS7.1AI score0.02328EPSS
Exploits0References4
Debian
Debian
added 2008/11/28 9:24 p.m.40 views

[Backports-security-announce] Security Update for dovecot

Gerfried Fuchs uploaded new packages for dovecot which fixed the following security problems: CVE-2008-4577, Debian Bug 502967 The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions...

7.5CVSS2.9AI score0.02328EPSS
Exploits0
Debian
Debian
added 2008/11/28 9:24 p.m.30 views

[Backports-security-announce] Security Update for dovecot

Gerfried Fuchs uploaded new packages for dovecot which fixed the following security problems: CVE-2008-4577, Debian Bug 502967 The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions...

7.5CVSS7.1AI score0.02328EPSS
Exploits0
securityvulns
securityvulns
added 2008/11/21 12:0 a.m.46 views

dovecot protection bypass

Ivalid ACL parsing in ACL plugin. Privilege escalations...

6.4CVSS4.7AI score0.02328EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2008/10/17 12:0 a.m.43 views

Dovecot ACL Plugin Security Bypass Vulnerabilities

This host has Dovecot ACL Plugin installed and is prone to multiple security bypass vulnerabilities. OpenVAS Vulnerability Test $Id: gbdovecotmultsecbypassvuln.nasl 5158 2017-02-01 14:53:04Z mime $ Dovecot ACL Plugin Security Bypass Vulnerabilities Authors: Chandan S Copyright: Copyright c 2008...

6.4CVSS0.3AI score0.02328EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2008/10/17 12:0 a.m.32 views

Dovecot ACL Plugin Security Bypass Vulnerabilities

Dovecot ACL Plugin is prone to multiple security bypass vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS7.6AI score0.02328EPSS
Exploits0References3
OSV
OSV
added 2008/10/15 8:8 p.m.9 views

CVE-2008-4577

The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions...

7.5CVSS7.4AI score
Exploits0References19
NVD
NVD
added 2008/10/15 8:8 p.m.16 views

CVE-2008-4577

The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions...

7.5CVSS7.4AI score0.02328EPSS
Exploits0References17
NVD
NVD
added 2008/10/15 8:8 p.m.23 views

CVE-2008-4578

The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes...

5CVSS7.4AI score0.01679EPSS
Exploits0References10
Prion
Prion
added 2008/10/15 8:8 p.m.24 views

Design/Logic Flaw

The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions...

6.4CVSS6.4AI score0.02328EPSS
Exploits0References17Affected Software4
ATTACKERKB
ATTACKERKB
added 2008/10/15 8:8 p.m.3 views

CVE-2008-4577

The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions...

7.5CVSS5.5AI score0.02328EPSS
Exploits0References18
UbuntuCve
UbuntuCve
added 2008/10/15 8:8 p.m.24 views

CVE-2008-4577

The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions...

7.5CVSS7.1AI score0.02328EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2008/10/15 8:8 p.m.21 views

CVE-2008-4578

The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes...

5CVSS5.9AI score0.01679EPSS
Exploits0References1
Prion
Prion
added 2008/10/15 8:8 p.m.22 views

Security feature bypass

The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes...

5CVSS6.5AI score0.01679EPSS
Exploits0References10Affected Software1
Cvelist
Cvelist
added 2008/10/15 8:0 p.m.39 views

CVE-2008-4578

The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes...

7.3AI score0.01679EPSS
Exploits0References10
CVE
CVE
added 2008/10/15 8:0 p.m.101 views

CVE-2008-4577

CVE-2008-4577 affects Dovecot; the ACL plug-in incorrectly treats negative access rights as positive, allowing bypass of access restrictions. The issue concerns Dovecot versions prior to 1.1.4 (per initial description). Various connected advisories note this vulnerability alongside CVE-2008-4870,...

7.5CVSS7.3AI score0.02328EPSS
Exploits0References17Affected Software1
Debian CVE
Debian CVE
added 2008/10/15 8:0 p.m.34 views

CVE-2008-4578

The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes...

5CVSS6.3AI score0.01679EPSS
Exploits0
Debian CVE
Debian CVE
added 2008/10/15 8:0 p.m.57 views

CVE-2008-4577

The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions...

7.5CVSS6.3AI score0.02328EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2008/10/15 12:0 a.m.2 views

PT-2008-5795 · Dovecot +1 · Dovecot +1

Name of the Vulnerable Software and Affected Versions: Dovecot versions prior to 1.1.4 Description: The issue allows attackers to bypass intended access restrictions due to the ACL plugin treating negative access rights as if they are positive access rights. Recommendations: For versions prior to...

7.5CVSS7.4AI score0.02328EPSS
Exploits0References24
RedHat Linux
RedHat Linux
added 2008/05/20 2:28 p.m.3 views

Dovecot possible privilege ascalation in ACL plugin

The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a 1 COPY or 2 APPEND command...

6CVSS5.9AI score0.01375EPSS
Exploits0References4
Rows per page
Query Builder