Code injection

In cPanel before 88.0.3, an insecure auth policy API key is used by Dovecot on a templated VM SEC-550...

CVE-2020-26102

In cPanel before 88.0.3, an insecure auth policy API key is used by Dovecot on a templated VM SEC-550...

With Pre-Auth policy in place, users get “Error: Not a privilege User” after logging in

From client machine Access website EPA kicks in and successful EPA response Got the login page Two factor Enter the Username and password Got an error “Not a privilege user” and stuck at /cgi/login...

Dovecot SASL Authentication Component Denial of Service (CVE-2016-8652)

A denial of service vulnerability exists in the SASL authentication component of Dovecot server. The vulnerability is due to improper handling of username when processing SASL authentication if auth-policy component has been activated. A remote attacker could exploit this vulnerability by sending...

DEBIAN-CVE-2016-8652

The auth component in Dovecot before 2.2.27, when auth-policy is configured, allows a remote attackers to cause a denial of service crash by aborting authentication without setting a username...

CVE-2016-8652

The auth component in Dovecot before 2.2.27, when auth-policy is configured, allows a remote attackers to cause a denial of service crash by aborting authentication without setting a username...