Lucene search
K

18 matches found

OpenVAS
OpenVAS
added 2015/10/08 12:0 a.m.32 views

Oracle: Security Advisory (ELSA-2008-0297)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.5AI score0.02123EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2009/03/23 12:0 a.m.15 views

Ubuntu: Security Advisory (USN-593-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.6AI score0.07342EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2009/03/06 12:0 a.m.34 views

RedHat Update for dovecot RHSA-2008:0297-02

Check for the Version of dovecot OpenVAS Vulnerability Test RedHat Update for dovecot RHSA-2008:0297-02 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

6.8CVSS6.3AI score0.02123EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2009/02/16 12:0 a.m.26 views

Fedora Update for dovecot FEDORA-2008-2475

Check for the Version of dovecot OpenVAS Vulnerability Test Fedora Update for dovecot FEDORA-2008-2475 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

6.8CVSS6.3AI score0.07342EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2009/02/16 12:0 a.m.30 views

Fedora Update for dovecot FEDORA-2008-2464

Check for the Version of dovecot OpenVAS Vulnerability Test Fedora Update for dovecot FEDORA-2008-2464 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

6.8CVSS6.3AI score0.07342EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2009/02/16 12:0 a.m.23 views

Fedora Update for dovecot FEDORA-2008-2475

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.8CVSS6.6AI score0.07342EPSS
Exploits6References2
Oracle linux
Oracle linux
added 2008/05/30 12:0 a.m.43 views

dovecot security and bug fix update

1.0.7-2 - LDAP+auth cache user login mixup CVE-2007-6598, 427575 - insecure mailextragroups option CVE-2008-1199, 436927 1.0.7-1 - update to latest upstream, fixes a few bugs 331441, 245249, plus two security vulnerabilities CVE-2007-2231, CVE-2007-4211 - increased default loginprocesssize to 64...

6.8CVSS1.4AI score0.02123EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2008/03/28 12:0 a.m.34 views

Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : dovecot vulnerabilities (USN-593-1)

It was discovered that the default configuration of dovecot could allow access to any email files with group 'mail' without verifying that a user had valid rights. An attacker able to create symlinks in their mail directory could exploit this to read or delete another user's email. CVE-2008-1199 ...

6.8CVSS5.5AI score0.07342EPSS
Exploits6References3
Ubuntu
Ubuntu
added 2008/03/26 5:34 p.m.101 views

USN-593-1: Dovecot vulnerabilities

It was discovered that the default configuration of dovecot could allow access to any email files with group "mail" without verifying that a user had valid rights. An attacker able to create symlinks in their mail directory could exploit this to read or delete another user's email. CVE-2008-1199 ...

6.8CVSS5.4AI score0.07342EPSS
Exploits6
OpenVAS
OpenVAS
added 2008/03/19 12:0 a.m.32 views

Debian Security Advisory DSA 1516-1 (dovecot)

The remote host is missing an update to dovecot announced via advisory DSA 1516-1. OpenVAS Vulnerability Test $Id: deb15161.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1516-1 dovecot Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

6.8CVSS1AI score0.07342EPSS
Exploits6
OpenVAS
OpenVAS
added 2008/03/19 12:0 a.m.19 views

Debian: Security Advisory (DSA-1516-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.6AI score0.07342EPSS
Exploits6References3
Gentoo Linux
Gentoo Linux
added 2008/03/18 12:0 a.m.36 views

Dovecot: Multiple vulnerabilities

Background Dovecot is a lightweight, fast and easy to configure IMAP and POP3 mail server. Description Dovecot uses the group configured via the "mailextragroups" setting, which should be used to create lockfiles in the /var/mail directory, when accessing arbitrary files CVE-2008-1199. Dovecot do...

6.8CVSS6.7AI score0.07342EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2008/03/17 12:0 a.m.278 views

Debian DSA-1516-1 : dovecot - privilege escalation

Prior to this update, the default configuration for Dovecot used by Debian runs the server daemons with group mail privileges. This means that users with write access to their mail directory on the server for example, through an SSH login could read and also delete via a symbolic link mailboxes...

6.8CVSS5.3AI score0.07342EPSS
Exploits6References6
Debian
Debian
added 2008/03/14 11:29 p.m.28 views

[SECURITY] [DSA 1516-1] New dovecot packages fix privilege escalation

---------------------------------------------------------------------- Debian Security Advisory DSA-1516-1 [email protected] http://www.debian.org/security/ Florian Weimer March 14, 2008 http://www.debian.org/security/faq - ----------------------------------------------------------------------...

6.8CVSS6.1AI score0.07342EPSS
Exploits6
OSV
OSV
added 2008/03/14 12:0 a.m.37 views

DSA-1516-1 dovecot - privilege escalation

Bulletin has no description...

6.8CVSS5.9AI score0.07342EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2008/03/13 12:0 a.m.40 views

Fedora 8 : dovecot-1.0.13-6.fc8 (2008-2464)

This update upgrades dovecot from version 1.0.10 to 1.0.13. Besides bug fixes, two security issues were fixed upstream in version 1.0.11 and 1.0.13. CVE-2008-1199 If Dovecot was configured with mailextragroups = mail, users having shell access to IMAP server could use this flaw to read, modify or...

6.8CVSS5.5AI score0.07342EPSS
Exploits6References5
OSV
OSV
added 2008/03/06 9:44 p.m.9 views

CVE-2008-1199

Dovecot before 1.0.11, when configured to use mailextragroups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack...

5.8AI score
Exploits0References18
CVE
CVE
added 2008/03/06 9:0 p.m.97 views

CVE-2008-1199

CVE-2008-1199 affects Dovecot before 1.0.11. When configured with mail_extra_groups to create dotlocks in /var/mail, a local attacker could read sensitive mail files of other users or modify group-writable files/directories via a symlink attack. The vulnerability is documented across multiple adv...

4.4CVSS5.7AI score0.00341EPSS
Exploits0References18Affected Software1
Rows per page
Query Builder