18 matches found
Oracle: Security Advisory (ELSA-2008-0297)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-593-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RedHat Update for dovecot RHSA-2008:0297-02
Check for the Version of dovecot OpenVAS Vulnerability Test RedHat Update for dovecot RHSA-2008:0297-02 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for dovecot FEDORA-2008-2475
Check for the Version of dovecot OpenVAS Vulnerability Test Fedora Update for dovecot FEDORA-2008-2475 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for dovecot FEDORA-2008-2464
Check for the Version of dovecot OpenVAS Vulnerability Test Fedora Update for dovecot FEDORA-2008-2464 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for dovecot FEDORA-2008-2475
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
dovecot security and bug fix update
1.0.7-2 - LDAP+auth cache user login mixup CVE-2007-6598, 427575 - insecure mailextragroups option CVE-2008-1199, 436927 1.0.7-1 - update to latest upstream, fixes a few bugs 331441, 245249, plus two security vulnerabilities CVE-2007-2231, CVE-2007-4211 - increased default loginprocesssize to 64...
Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : dovecot vulnerabilities (USN-593-1)
It was discovered that the default configuration of dovecot could allow access to any email files with group 'mail' without verifying that a user had valid rights. An attacker able to create symlinks in their mail directory could exploit this to read or delete another user's email. CVE-2008-1199 ...
USN-593-1: Dovecot vulnerabilities
It was discovered that the default configuration of dovecot could allow access to any email files with group "mail" without verifying that a user had valid rights. An attacker able to create symlinks in their mail directory could exploit this to read or delete another user's email. CVE-2008-1199 ...
Debian Security Advisory DSA 1516-1 (dovecot)
The remote host is missing an update to dovecot announced via advisory DSA 1516-1. OpenVAS Vulnerability Test $Id: deb15161.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1516-1 dovecot Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
Debian: Security Advisory (DSA-1516-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Dovecot: Multiple vulnerabilities
Background Dovecot is a lightweight, fast and easy to configure IMAP and POP3 mail server. Description Dovecot uses the group configured via the "mailextragroups" setting, which should be used to create lockfiles in the /var/mail directory, when accessing arbitrary files CVE-2008-1199. Dovecot do...
Debian DSA-1516-1 : dovecot - privilege escalation
Prior to this update, the default configuration for Dovecot used by Debian runs the server daemons with group mail privileges. This means that users with write access to their mail directory on the server for example, through an SSH login could read and also delete via a symbolic link mailboxes...
[SECURITY] [DSA 1516-1] New dovecot packages fix privilege escalation
---------------------------------------------------------------------- Debian Security Advisory DSA-1516-1 [email protected] http://www.debian.org/security/ Florian Weimer March 14, 2008 http://www.debian.org/security/faq - ----------------------------------------------------------------------...
DSA-1516-1 dovecot - privilege escalation
Bulletin has no description...
Fedora 8 : dovecot-1.0.13-6.fc8 (2008-2464)
This update upgrades dovecot from version 1.0.10 to 1.0.13. Besides bug fixes, two security issues were fixed upstream in version 1.0.11 and 1.0.13. CVE-2008-1199 If Dovecot was configured with mailextragroups = mail, users having shell access to IMAP server could use this flaw to read, modify or...
CVE-2008-1199
Dovecot before 1.0.11, when configured to use mailextragroups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack...
CVE-2008-1199
CVE-2008-1199 affects Dovecot before 1.0.11. When configured with mail_extra_groups to create dotlocks in /var/mail, a local attacker could read sensitive mail files of other users or modify group-writable files/directories via a symlink attack. The vulnerability is documented across multiple adv...