Описание
The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-4577
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10376
- https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00816.html
- https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00844.html
- http://bugs.gentoo.org/show_bug.cgi?id=240409
- http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
- http://secunia.com/advisories/32164
- http://secunia.com/advisories/32471
- http://secunia.com/advisories/33149
- http://secunia.com/advisories/33624
- http://secunia.com/advisories/36904
- http://security.gentoo.org/glsa/glsa-200812-16.xml
- http://www.dovecot.org/list/dovecot-news/2008-October/000085.html
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:232
- http://www.redhat.com/support/errata/RHSA-2009-0205.html
- http://www.securityfocus.com/bid/31587
- http://www.ubuntu.com/usn/USN-838-1
- http://www.vupen.com/english/advisories/2008/2745
Связанные уязвимости
The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
The ACL plugin in Dovecot before 1.1.4 treats negative access rights a ...
ELSA-2009-0205: dovecot security and bug fix update (LOW)