Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dovecot dovecot - vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2008-4907
The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the FETCH ENVELOPE command in the IMAP client, allows remote malicious users to cause a denial of service (persistent crash) via an email with a malformed From address, which triggers an assertion error, aka "...
Dovecot Dovecot 1.1.5
Dovecot Dovecot 1.1.4
1 EDB exploit
187
VMScore
CVE-2008-4870
dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.
Dovecot Dovecot 1.0.7
570
VMScore
CVE-2008-4577
The ACL plugin in Dovecot prior to 1.1.4 treats negative access rights as if they are positive access rights, which allows malicious users to bypass intended access restrictions.
Dovecot Dovecot
Fedoraproject Fedora 9
Fedoraproject Fedora 8
Opensuse Opensuse 10.3-11.1
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
445
VMScore
CVE-2008-4578
The ACL plugin in Dovecot prior to 1.1.4 allows malicious users to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes.
Dovecot Dovecot 1.0.6
Dovecot Dovecot 1.0.rc20
Dovecot Dovecot 1.0.beta2
Dovecot Dovecot 1.0.5
Dovecot Dovecot 1.0.beta5
Dovecot Dovecot 1.0
Dovecot Dovecot 1.0.rc15
Dovecot Dovecot 1.1
Dovecot Dovecot 1.0.rc19
Dovecot Dovecot 1.0.rc12
Dovecot Dovecot 1.0.beta4
Dovecot Dovecot
Dovecot Dovecot 1.0.12
Dovecot Dovecot 1.0.rc14
Dovecot Dovecot 1.0.beta6
Dovecot Dovecot 1.0.2
Dovecot Dovecot 1.0.beta9
Dovecot Dovecot 1.1.2
Dovecot Dovecot 1.0.rc8
Dovecot Dovecot 1.0.rc2
Dovecot Dovecot 1.0.7
Dovecot Dovecot 1.0.rc25
685
VMScore
CVE-2008-1218
Argument injection vulnerability in Dovecot 1.0.x prior to 1.0.13, and 1.1.x prior to 1.1.rc3, when using blocking passdbs, allows remote malicious users to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable th...
Dovecot Dovecot
1 EDB exploit
392
VMScore
CVE-2008-1199
Dovecot prior to 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack.
Dovecot Dovecot 1.0.6
Dovecot Dovecot 1.0.beta2
Dovecot Dovecot 1.0.5
Dovecot Dovecot 1.0
Dovecot Dovecot 1.0.rc15
Dovecot Dovecot 1.0.rc12
Dovecot Dovecot 1.0.rc14
Dovecot Dovecot 1.0.2
Dovecot Dovecot 1.0.rc8
Dovecot Dovecot 1.0.rc2
Dovecot Dovecot 1.0.7
Dovecot Dovecot 0.99.14
Dovecot Dovecot 1.0.beta8
Dovecot Dovecot 1.0.beta3
Dovecot Dovecot 1.0.3
Dovecot Dovecot 1.0.rc9
Dovecot Dovecot 1.0.rc13
Dovecot Dovecot 1.0.8
Dovecot Dovecot 1.0.rc11
Dovecot Dovecot 1.0.4
Dovecot Dovecot 1.0.rc6
Dovecot Dovecot 1.0.rc3
605
VMScore
CVE-2007-6598
Dovecot prior to 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.
Dovecot Dovecot
383
VMScore
CVE-2007-5794
Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot...
Nss Ldap Nss Ldap
534
VMScore
CVE-2007-4211
The ACL plugin in Dovecot prior to 1.0.3 allows remote authenticated users with the insert right to save certain flags via a (1) COPY or (2) APPEND command.
Dovecot Dovecot
383
VMScore
CVE-2007-2231
Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot prior to 1.0.rc29, when using the zlib plugin, allows remote malicious users to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
Dovecot Dovecot 1.0.rc20
Dovecot Dovecot 1.0.beta2
Dovecot Dovecot 1.0.beta5
Dovecot Dovecot 1.0.rc15
Dovecot Dovecot 1.0.rc19
Dovecot Dovecot 1.0.rc12
Dovecot Dovecot 1.0.beta4
Dovecot Dovecot 1.0.rc14
Dovecot Dovecot 1.0.beta6
Dovecot Dovecot 1.0.beta9
Dovecot Dovecot 1.0.rc8
Dovecot Dovecot 1.0.rc2
Dovecot Dovecot 1.0.rc25
Dovecot Dovecot 1.0.beta8
Dovecot Dovecot 1.0.beta3
Dovecot Dovecot 1.0.rc16
Dovecot Dovecot 1.0.rc9
Dovecot Dovecot 1.0.rc27
Dovecot Dovecot 1.0.beta1
Dovecot Dovecot 1.0.rc13
Dovecot Dovecot 1.0.rc11
Dovecot Dovecot 1.0.rc6
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »