Описание
script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | |
| devel | released | 1:2.0.13-1ubuntu1 |
| hardy | not-affected | |
| lucid | not-affected | |
| maverick | not-affected | |
| natty | not-affected | |
| upstream | released | 2.0.13 |
Показывать по
Ссылки на источники
EPSS
6.5 Medium
CVSS2
Связанные уязвимости
script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.
script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.
script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot ...
script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.
ELSA-2013-0520: dovecot security and bug fix update (LOW)
EPSS
6.5 Medium
CVSS2