8 matches found
Mandriva Linux Security Advisory : dovecot (MDVSA-2008:232)
The ACL plugin in dovecot prior to version 1.1.4 treated negative access rights as though they were positive access rights, which allowed attackers to bypass intended access restrictions CVE-2008-4577. The ACL plugin in dovecot prior to version 1.1.4 allowed attackers to bypass intended access...
Mandriva Update for dovecot MDVSA-2008:232 (dovecot)
Check for the Version of dovecot OpenVAS Vulnerability Test Mandriva Update for dovecot MDVSA-2008:232 dovecot Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
Gentoo Security Advisory GLSA 200812-16 (dovecot)
The remote host is missing updates announced in advisory GLSA 200812-16. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD : dovecot -- ACL plugin bypass vulnerabilities (75c24c1d-b688-11dd-88fd-001c2514716c)
Timo Sirainen reports in dovecot 1.1.4 release notes : ACL plugin fixes: Negative rights were actually treated as positive rights. 'k' right didn't prevent creating parent/child/child mailbox. ACL groups weren't working. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text an...
CVE-2008-4578
The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes...
CVE-2008-4578
The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes...
CVE-2008-4578
CVE-2008-4578 affects Dovecot via the ACL plugin: the k-right can bypass access restrictions to create unauthorized parent/child mailboxes. The issue is part of a set of Dovecot vulnerabilities described in GLSA 200812-16 and MDVSA-2008:232, with remediation by upgrading Dovecot to a newer versio...
CVE-2008-4578
The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes...