Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.38 views

Mandriva Linux Security Advisory : dovecot (MDVSA-2008:232)

The ACL plugin in dovecot prior to version 1.1.4 treated negative access rights as though they were positive access rights, which allowed attackers to bypass intended access restrictions CVE-2008-4577. The ACL plugin in dovecot prior to version 1.1.4 allowed attackers to bypass intended access...

7.5CVSS7.4AI score0.02328EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2009/04/09 12:0 a.m.31 views

Mandriva Update for dovecot MDVSA-2008:232 (dovecot)

Check for the Version of dovecot OpenVAS Vulnerability Test Mandriva Update for dovecot MDVSA-2008:232 dovecot Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

6.4CVSS0.4AI score0.02328EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2008/12/23 12:0 a.m.22 views

Gentoo Security Advisory GLSA 200812-16 (dovecot)

The remote host is missing updates announced in advisory GLSA 200812-16. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.06203EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2008/11/21 12:0 a.m.39 views

FreeBSD : dovecot -- ACL plugin bypass vulnerabilities (75c24c1d-b688-11dd-88fd-001c2514716c)

Timo Sirainen reports in dovecot 1.1.4 release notes : ACL plugin fixes: Negative rights were actually treated as positive rights. 'k' right didn't prevent creating parent/child/child mailbox. ACL groups weren't working. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text an...

7.5CVSS7.2AI score0.02328EPSS
Exploits0References3
OSV
OSV
added 2008/10/15 8:8 p.m.7 views

CVE-2008-4578

The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes...

6.2AI score
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2008/10/15 8:8 p.m.1 views

CVE-2008-4578

The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes...

5CVSS5.5AI score0.01679EPSS
Exploits0References11
CVE
CVE
added 2008/10/15 8:0 p.m.84 views

CVE-2008-4578

CVE-2008-4578 affects Dovecot via the ACL plugin: the k-right can bypass access restrictions to create unauthorized parent/child mailboxes. The issue is part of a set of Dovecot vulnerabilities described in GLSA 200812-16 and MDVSA-2008:232, with remediation by upgrading Dovecot to a newer versio...

5CVSS7.3AI score0.01679EPSS
Exploits0References10Affected Software1
Debian CVE
Debian CVE
added 2008/10/15 8:0 p.m.31 views

CVE-2008-4578

The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes...

5CVSS6.3AI score0.01679EPSS
Exploits0
Rows per page
Query Builder