Lucene search
K

5 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 6:6 a.m.3 views

SUSE CVE-2008-4577

The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions...

7.5CVSS6.9AI score0.02328EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2009/01/20 3:45 p.m.3 views

dovecot: incorrect handling of negative rights in the ACL plugin

The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions...

7.5CVSS7.1AI score0.02328EPSS
Exploits0References4
OSV
OSV
added 2008/10/15 8:8 p.m.1 views

DEBIAN-CVE-2008-4577

The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions...

7.5CVSS6.9AI score0.02328EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2008/10/15 12:0 a.m.1 views

PT-2008-5795 · Dovecot +1 · Dovecot +1

Name of the Vulnerable Software and Affected Versions: Dovecot versions prior to 1.1.4 Description: The issue allows attackers to bypass intended access restrictions due to the ACL plugin treating negative access rights as if they are positive access rights. Recommendations: For versions prior to...

7.5CVSS7.4AI score0.02328EPSS
Exploits0References24
FreeBSD
FreeBSD
added 2008/10/05 12:0 a.m.45 views

dovecot -- ACL plugin bypass vulnerabilities

Timo Sirainen reports in dovecot 1.1.4 release notes: ACL plugin fixes: Negative rights were actually treated as positive rights. 'k' right didn't prevent creating parent/child/child mailbox. ACL groups weren't working...

5CVSS6.5AI score0.01679EPSS
Exploits0
Rows per page
Query Builder