Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote malicious users to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
timo sirainen dovecot 1.0_beta7 |
||
timo sirainen dovecot 1.0_beta2 |
||
timo sirainen dovecot 1.0_beta3 |
||
timo sirainen dovecot 1.0 |