Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot prior to 1.0.rc29, when using the zlib plugin, allows remote malicious users to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dovecot dovecot 1.0.beta4 |
||
dovecot dovecot 1.0.beta5 |
||
dovecot dovecot 1.0.rc11 |
||
dovecot dovecot 1.0.rc12 |
||
dovecot dovecot 1.0.rc2 |
||
dovecot dovecot 1.0.rc20 |
||
dovecot dovecot 1.0.rc27 |
||
dovecot dovecot 1.0.rc28 |
||
dovecot dovecot 1.0.rc9 |
||
dovecot dovecot 1.0.beta2 |
||
dovecot dovecot 1.0.beta3 |
||
dovecot dovecot 1.0.rc1 |
||
dovecot dovecot 1.0.rc10 |
||
dovecot dovecot 1.0.rc18 |
||
dovecot dovecot 1.0.rc19 |
||
dovecot dovecot 1.0.rc25 |
||
dovecot dovecot 1.0.rc26 |
||
dovecot dovecot 1.0.rc7 |
||
dovecot dovecot 1.0.rc8 |
||
dovecot dovecot 1.0.beta6 |
||
dovecot dovecot 1.0.beta7 |
||
dovecot dovecot 1.0.rc13 |
||
dovecot dovecot 1.0.rc14 |
||
dovecot dovecot 1.0.rc15 |
||
dovecot dovecot 1.0.rc21 |
||
dovecot dovecot 1.0.rc22 |
||
dovecot dovecot 1.0.rc3 |
||
dovecot dovecot 1.0.rc4 |
||
dovecot dovecot 1.0.beta1 |
||
dovecot dovecot 1.0.beta8 |
||
dovecot dovecot 1.0.beta9 |
||
dovecot dovecot 1.0.rc16 |
||
dovecot dovecot 1.0.rc17 |
||
dovecot dovecot 1.0.rc23 |
||
dovecot dovecot 1.0.rc24 |
||
dovecot dovecot 1.0.rc5 |
||
dovecot dovecot 1.0.rc6 |