Описание
Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.0.beta3-3ubuntu5.5 |
| devel | not-affected | |
| edgy | released | 1.0.rc2-1ubuntu2.2 |
| feisty | released | 1.0.rc17-1ubuntu2.1 |
| upstream | released | 1.0.rc29 |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
Directory traversal vulnerability in index/mbox/mbox-storage.c in Dove ...
Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
ELSA-2008-0297: dovecot security and bug fix update (LOW)
EPSS
4.3 Medium
CVSS2