23 matches found
EUVD-2011-2158
Malware in sbrugna...
SUSE CVE-2011-2167
script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script...
SUSE CVE-2011-2166
script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script...
Dovecot 2.0.x < 2.0.13 Authentication Bypass Vulnerability
Dovecot is prone to an authentication bypass vulnerability. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
Dovecot 2.0.x < 2.0.13 Directory Traversal Vulnerability
Dovecot is prone to a directory traversal vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...
Authorization Bypass
dovecot is vulnerable to authorization bypass attacks. The vulnerability exists as script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script...
Scientific Linux Security Update : dovecot on SL6.x i386/x86_64 (20130221)
Two flaws were found in the way some settings were enforced by the script-login functionality of Dovecot. A remote, authenticated user could use these flaws to bypass intended access restrictions or conduct a directory traversal attack by leveraging login scripts. CVE-2011-2166, CVE-2011-2167 A...
dovecot security and bug fix update
1:2.0.9-5 - script-login did not drop privileges correctly 709095 - fix directory traversal due to not obeying chroot directive 709097 - check proxy destination host against SSL certificate name 754980 1:2.0.9-4 - dovecot may not set correct premissions for mail folder 697620 1:2.0.9-3 - fix...
dovecot: directory traversal due to not obeying chroot directive
script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script...
dovecot: authenticated remote bypass of intended access restrictions
script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script...
Fedora 14 : dovecot-2.0.13-1.fc14 (2011-7258)
dovecot updated to 2.0.13 - mdbox purge: Fixed wrong warning about corrupted extrefs. - script-login binary wasn't actually dropping privileges to the user/group/chroot specified by its service settings. - Fixed potential crashes and other problems when parsing header names that contained NUL...
Fedora 15 : dovecot-2.0.13-1.fc15 (2011-7268)
dovecot updated to 2.0.13 - mdbox purge: Fixed wrong warning about corrupted extrefs. - script-login binary wasn't actually dropping privileges to the user/group/chroot specified by its service settings. - Fixed potential crashes and other problems when parsing header names that contained NUL...
CVE-2011-2166
script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script...
CVE-2011-2167
script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script...
DEBIAN-CVE-2011-2167
script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script...
DEBIAN-CVE-2011-2166
script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script...
CVE-2011-2166
script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script...
Directory traversal
script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script...
CVE-2011-2166
script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script...
CVE-2011-2167
script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script...