Search Results (Refine Search)
- Keyword (text search): Dovecot
- Search Type: Search All
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2007-4211 |
The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a (1) COPY or (2) APPEND command. Published: August 07, 2007; 10:17:00 PM -0400 |
V3.x:(not available) V2.0: 6.0 MEDIUM |
CVE-2007-2231 |
Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name. Published: April 25, 2007; 11:19:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2006-5973 |
Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file. Published: November 20, 2006; 2:07:00 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2006-2414 |
Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command. Published: May 16, 2006; 6:02:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2006-0730 |
Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability. Published: February 16, 2006; 6:02:00 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |