Описание
dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.
Дополнительная информация
Статус:
Low
https://bugzilla.redhat.com/show_bug.cgi?id=469659dovecot: ssl_key_password disclosure due to an insecure dovecot.conf permissions
Связанные уязвимости
nvd
больше 16 лет назад
dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.
debian
больше 16 лет назад
dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedor ...
github
около 3 лет назад
dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.
oracle-oval
больше 16 лет назад
ELSA-2009-0205: dovecot security and bug fix update (LOW)