Download
| Alert*
oval:org.secpod.oval:def:500508
Dovecot is an IMAP server for Linux and UNIX-like systems, primarily written with security in mind. A flaw was found in Dovecot"s ACL plug-in. The ACL plug-in treated negative access rights as positive rights, which could allow an attacker to bypass intended access restrictions. A password disclosu ... oval:org.secpod.oval:def:700425 It was discovered that the ACL plugin in Dovecot would incorrectly handle negative access rights. An attacker could exploit this flaw to access the Dovecot server, bypassing the indended access restrictions. This only affected Ubuntu 8.04 LTS. It was discovered that the ManageSieve service in Dovec ... oval:org.secpod.oval:def:301656 The ACL plugin in dovecot prior to version 1.1.4 treated negative access rights as though they were positive access rights, which allowed attackers to bypass intended access restrictions . The ACL plugin in dovecot prior to version 1.1.6 allowed attackers to bypass intended access restrictions by us ... |