Lucene search
K

13 matches found

Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.30 views

Oracle Linux 5 : dovecot (ELSA-2009-0205)

The remote Oracle Linux 5 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2009-0205 advisory. - Resolves: 436287, CVE-2008-4870 - Resolves: 469015, CVE-2008-4577 Tenable has extracted the preceding description block directly from the Oracle Linu...

7.5CVSS7.4AI score0.02328EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2009/10/06 12:0 a.m.23 views

Ubuntu: Security Advisory (USN-838-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.0404EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2009/09/28 12:44 p.m.76 views

USN-838-1: Dovecot vulnerabilities

It was discovered that the ACL plugin in Dovecot would incorrectly handle negative access rights. An attacker could exploit this flaw to access the Dovecot server, bypassing the intended access restrictions. This only affected Ubuntu 8.04 LTS. CVE-2008-4577 It was discovered that the ManageSieve...

7.5CVSS6.6AI score0.0404EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/07/21 12:0 a.m.37 views

openSUSE Security Update : dovecot (dovecot-504)

Dovecot didn't properly treat negative access rights therefore allowing attackers to bypass intended access restrictions CVE-2008-4577 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

7.5CVSS7.3AI score0.02328EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.38 views

Mandriva Linux Security Advisory : dovecot (MDVSA-2008:232)

The ACL plugin in dovecot prior to version 1.1.4 treated negative access rights as though they were positive access rights, which allowed attackers to bypass intended access restrictions CVE-2008-4577. The ACL plugin in dovecot prior to version 1.1.4 allowed attackers to bypass intended access...

7.5CVSS7.4AI score0.02328EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2009/04/09 12:0 a.m.31 views

Mandriva Update for dovecot MDVSA-2008:232 (dovecot)

Check for the Version of dovecot OpenVAS Vulnerability Test Mandriva Update for dovecot MDVSA-2008:232 dovecot Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

6.4CVSS0.4AI score0.02328EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2009/02/17 12:0 a.m.37 views

Fedora Update for dovecot FEDORA-2008-9232

Check for the Version of dovecot OpenVAS Vulnerability Test Fedora Update for dovecot FEDORA-2008-9232 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

6.4CVSS7.6AI score0.02328EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2009/02/17 12:0 a.m.24 views

Fedora Update for dovecot FEDORA-2008-9202

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

7.5CVSS7.6AI score0.02328EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2009/02/13 12:0 a.m.44 views

openSUSE 10 Security Update : dovecot (dovecot-5986)

Dovecot didn't properly treat negative access rights therefore allowing attackers to bypass intended access restrictions CVE-2008-4577 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

7.5CVSS7.3AI score0.02328EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2008/12/23 12:0 a.m.22 views

Gentoo Security Advisory GLSA 200812-16 (dovecot)

The remote host is missing updates announced in advisory GLSA 200812-16. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.06203EPSS
Exploits0References4
Debian
Debian
added 2008/11/28 9:24 p.m.30 views

[Backports-security-announce] Security Update for dovecot

Gerfried Fuchs uploaded new packages for dovecot which fixed the following security problems: CVE-2008-4577, Debian Bug 502967 The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions...

7.5CVSS7.1AI score0.02328EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2008/11/21 12:0 a.m.39 views

FreeBSD : dovecot -- ACL plugin bypass vulnerabilities (75c24c1d-b688-11dd-88fd-001c2514716c)

Timo Sirainen reports in dovecot 1.1.4 release notes : ACL plugin fixes: Negative rights were actually treated as positive rights. 'k' right didn't prevent creating parent/child/child mailbox. ACL groups weren't working. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text an...

7.5CVSS7.2AI score0.02328EPSS
Exploits0References3
OSV
OSV
added 2008/10/15 8:8 p.m.9 views

CVE-2008-4577

The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions...

7.5CVSS7.4AI score
Exploits0References19
Rows per page
Query Builder