Dovecot@1.2.7 Security Vulnerabilities and Issues — Dovecot@1.2.7 CVE List

Lucene search

DovecotDovecot1.2.7

8 matches found

CVE•added 2014/05/14 7:55 p.m.•95 views

CVE-2014-3430

Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cause a denial of service (resource consumption) via an incomplete SSL/TLS handshake for an IMAP/POP3 connection.

5CVSS5.6AI score0.04797EPSS

CVE•added 2011/05/24 11:55 p.m.•69 views

CVE-2011-1929

lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.

5CVSS5.2AI score0.05807EPSS

CVE•added 2010/10/06 5:0 p.m.•68 views

CVE-2010-3707

plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving mor...

5.5CVSS5AI score0.00182EPSS

CVE•added 2010/10/06 9:0 p.m.•62 views

CVE-2010-3780

Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service (master process outage) by simultaneously disconnecting many (1) IMAP or (2) POP3 sessions.

4CVSS5.1AI score0.01055EPSS

CVE•added 2010/10/06 9:0 p.m.•57 views

CVE-2010-3779

Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass intended access restrictions by changing the ACL of a mailbox, as demonstrated by a symlinked shared mail...

3.5CVSS5AI score0.00302EPSS

CVE•added 2010/05/20 5:30 p.m.•56 views

CVE-2010-0745

Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers to cause a denial of service (CPU consumption) via long headers in an e-mail message.

5CVSS5.2AI score0.0188EPSS

CVE•added 2010/10/06 5:0 p.m.•56 views

CVE-2010-3706

5.5CVSS5AI score0.00402EPSS

CVE•added 2010/09/24 7:0 p.m.•51 views

CVE-2010-3304

The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs.

6.4CVSS5.2AI score0.01708EPSS