Описание
Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skip_password_check field to be specified.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | 1.0.beta3-3ubuntu5.5 |
| devel | not-affected | 1:1.0.10-1ubuntu2 |
| edgy | not-affected | 1.0.rc2-1ubuntu2.2 |
| feisty | not-affected | 1.0.rc17-1ubuntu2.2 |
| gutsy | not-affected | 1:1.0.5-1ubuntu2.1 |
| upstream | released | 1.0.13 |
Показывать по
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skip_password_check field to be specified.
Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skip_password_check field to be specified.
Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1 ...
Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skip_password_check field to be specified.
EPSS
6.8 Medium
CVSS2