Описание
Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.
Отчет
This issue did not affect versions of Dovecot as shipped with Red Hat Enterprise Linux before version 5.
Дополнительная информация
Статус:
EPSS
Связанные уязвимости
Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.
Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.
Dovecot before 1.0.10, with certain configuration options including us ...
Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.
ELSA-2008-0297: dovecot security and bug fix update (LOW)
EPSS