Argument injection vulnerability in Dovecot 1.0.x prior to 1.0.13, and 1.1.x prior to 1.1.rc3, when using blocking passdbs, allows remote malicious users to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skip_password_check field to be specified.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dovecot dovecot |