Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2008-4577
HistoryOct 15, 2008 - 12:00 a.m.

CVE-2008-4577

2008-10-1500:00:00
ubuntu.com
ubuntu.com
10

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.003 Low

EPSS

Percentile

70.7%

JSON

The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if
they are positive access rights, which allows attackers to bypass intended
access restrictions.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchdovecot< 1:1.0.10-1ubuntu5.2UNKNOWN

Related

fedora 2
debiancve 1
debian 2
nessus 11
openvas 24
cve 1
prion 1
veracode 1
redhat 1
securityvulns 2
oraclelinux 1
freebsd 1
gentoo 1
ubuntu 1
fedora
fedora
[SECURITY] Fedora 8 Update: dovecot-1.0.15-14.fc8
2008-10-30 12:51:56
[SECURITY] Fedora 9 Update: dovecot-1.0.15-14.fc9
2008-10-30 12:49:05
debiancve
debiancve
CVE-2008-4577
2008-10-15 20:08:00
debian
debian
[Backports-security-announce] Security Update for dovecot
2008-11-28 21:24:35
[Backports-security-announce] Security Update for dovecot
2008-11-28 21:24:11
nessus
nessus
openSUSE 10 Security Update : dovecot (dovecot-5986)
2009-02-13 00:00:00
Fedora 8 : dovecot-1.0.15-14.fc8 (2008-9232)
2008-10-31 00:00:00
Fedora 9 : dovecot-1.0.15-14.fc9 (2008-9202)
2008-10-31 00:00:00
openvas
openvas
Fedora Update for dovecot FEDORA-2008-9232
2009-02-17 00:00:00
Fedora Update for dovecot FEDORA-2008-9202
2009-02-17 00:00:00
Fedora Update for dovecot FEDORA-2008-9202
2009-02-17 00:00:00
cve
cve
CVE-2008-4577
2008-10-15 20:08:00
prion
prion
Design/Logic Flaw
2008-10-15 20:08:00
veracode
veracode
Access Control Bypass
2020-04-10 00:35:06
redhat
redhat
(RHSA-2009:0205) Low: dovecot security and bug fix update
2009-01-20 00:00:00
securityvulns
securityvulns
dovecot protection bypass
2008-11-21 00:00:00
[ MDVSA-2008:232 ] dovecot
2008-11-21 00:00:00
oraclelinux
oraclelinux
dovecot security and bug fix update
2009-01-27 00:00:00
freebsd
freebsd
dovecot -- ACL plugin bypass vulnerabilities
2008-10-05 00:00:00
gentoo
gentoo
Dovecot: Multiple vulnerabilities
2008-12-14 00:00:00
ubuntu
ubuntu
Dovecot vulnerabilities
2009-09-28 00:00:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.003 Low

EPSS

Percentile

70.7%

JSON
Related for UB:CVE-2008-4577
fedora2debiancve1debian2nessus11openvas24cve1prion1veracode1redhat1securityvulns2oraclelinux1freebsd1gentoo1ubuntu1