Published: 24/05/2011 Updated: 29/08/2017

CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8

VMScore: 578

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

script-login in Dovecot 2.0.x prior to 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script.

Vulnerable Product	Search on Vulmon	Subscribe to Product
dovecot dovecot 2.0.9
dovecot dovecot 2.0.4
dovecot dovecot 2.0.7
dovecot dovecot 2.0.8
dovecot dovecot 2.0.1
dovecot dovecot 2.0.12
dovecot dovecot 2.0.10
dovecot dovecot 2.0.5
dovecot dovecot 2.0.2
dovecot dovecot 2.0.6
dovecot dovecot 2.0.11
dovecot dovecot 2.0.3
dovecot dovecot 2.0.0

Synopsis Low: dovecot security and bug fix update Type/Severity Security Advisory: Low Topic Updated dovecot packages that fix three security issues and one bug are nowavailable for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as having lowsecurity impact Common Vulne ...

CWE-16 http://dovecot.org/pipermail/dovecot/2011-May/059085.html http://www.dovecot.org/doc/NEWS-2.0 http://openwall.com/lists/oss-security/2011/05/18/4 http://www.securityfocus.com/bid/48003 http://secunia.com/advisories/52311 http://rhn.redhat.com/errata/RHSA-2013-0520.html https://exchange.xforce.ibmcloud.com/vulnerabilities/67675 https://access.redhat.com/errata/RHSA-2013:0520 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2011-2166

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect