Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2011-2167

Опубликовано: 24 мая 2011
Источник: nvd
CVSS2: 6.5
EPSS Низкий

Описание

script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:dovecot:dovecot:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:2.0.7:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:2.0.8:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:2.0.9:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:2.0.10:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:2.0.11:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:2.0.12:*:*:*:*:*:*:*

EPSS

Процентиль: 65%
0.00509
Низкий

6.5 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

ubuntu
около 14 лет назад

script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.

redhat
больше 14 лет назад

script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.

debian
около 14 лет назад

script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot ...

github
больше 3 лет назад

script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.

oracle-oval
больше 12 лет назад

ELSA-2013-0520: dovecot security and bug fix update (LOW)

EPSS

Процентиль: 65%
0.00509
Низкий

6.5 Medium

CVSS2

Дефекты

CWE-22