3 matches found
openSUSE 10 Security Update : dovecot (dovecot-1398)
Users could potentially find out mailbox names of other users CVE-2006-2414. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update dovecot-1398. The text description of this plugin is C SUSE LLC...
[SECURITY] [DSA 1080-1] New dovecot packages fix directory traversal
-------------------------------------------------------------------------- Debian Security Advisory DSA 1080-1 [email protected] http://www.debian.org/security/ Steve Kemp May 29th, 2006 http://www.debian.org/security/faq -...
CVE-2006-2414
Dovecot IMAP in 1.0 beta and 1.0 is affected by a directory traversal in LIST/DELETE IMAP commands, allowing remote attackers to enumerate mailbox names under the mbox directory. The issue is a remote programming error that can disclose information. Debian and other advisories document fixes: upg...