11 matches found
Oracle Linux 6 : dovecot (ELSA-2011-0600)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-0600 advisory. 2.0.9-2 - fix issues and assert crashes found in 2.0.9 lmtp,dotlock,zlib 2.0.9-1 - dovecot updated to 2.0.9 - fixed a high system CPU usage / high...
Oracle: Security Advisory (ELSA-2011-0600)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : dovecot12 (openSUSE-SU-2010:0923-1)
dovecot granted admin rights to all owner mailboxes CVE-2010-3706. When using multiple ACL entries for mailboxes the most specific one was not always applied CVE-2010-3707. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
RedHat Update for dovecot RHSA-2011:0600-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
RHEL 6 : dovecot (RHSA-2011:0600)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0600 advisory. Dovecot is an IMAP server for Linux, UNIX, and similar operating systems, primarily written with security in mind. A flaw was found in the w...
Ubuntu: Security Advisory (USN-1059-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mandriva Update for dovecot MDVSA-2010:217 (dovecot)
Check for the Version of dovecot OpenVAS Vulnerability Test Mandriva Update for dovecot MDVSA-2010:217 dovecot Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
openSUSE Security Update : dovecot12 (openSUSE-SU-2010:0923-1)
dovecot granted admin rights to all owner mailboxes CVE-2010-3706. When using multiple ACL entries for mailboxes the most specific one was not always applied CVE-2010-3707. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
BSA-006 Security Update for dovecot
Marco Nenciarini uploaded new packages for dovecot which fixed the following security problems: CVE-2010-3706 plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instea...
CVE-2010-3707
plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving...
CVE-2010-3707
CVE-2010-3707 affects Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5. A faulty interpretation of ACL entries causes an ACL directive to add to permissions rather than replace them, in certain ordering scenarios, enabling remote authenticated users to bypass intended mailbox access restriction...