CVE-2008-4870

Опубликовано: 06 мар. 2008

Источник: redhat

EPSS Низкий

Описание

dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.

Ссылки на источники

Дополнительная информация

Статус:

Low

https://bugzilla.redhat.com/show_bug.cgi?id=469659dovecot: ssl_key_password disclosure due to an insecure dovecot.conf permissions

EPSS

Процентиль: 12%

0.0004

Низкий

Связанные уязвимости

CVE-2008-4870

ubuntu

около 17 лет назад

dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.

CVE-2008-4870

nvd

около 17 лет назад

dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.

CVE-2008-4870

debian

около 17 лет назад

dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedor ...

GHSA-7hp8-2g4v-fc2h

github

больше 3 лет назад

dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.

ELSA-2009-0205

oracle-oval

почти 17 лет назад

ELSA-2009-0205: dovecot security and bug fix update (LOW)

EPSS

Процентиль: 12%

0.0004

Низкий