CVE-2007-2231 - Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when usin

CVE-2007-2231

Summary

Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.

References

Vulnerable Configurations

cpe:2.3:a:dovecot:dovecot:1.0.beta1:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.beta1:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.beta2:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.beta2:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.beta3:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.beta3:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.beta4:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.beta4:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.beta5:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.beta5:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.beta6:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.beta6:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.beta7:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.beta7:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.beta8:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.beta8:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.beta9:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.beta9:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc1:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc1:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc2:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc2:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc3:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc3:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc4:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc4:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc5:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc5:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc6:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc6:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc7:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc7:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc8:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc8:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc9:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc9:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc10:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc10:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc11:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc11:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc12:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc12:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc13:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc13:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc14:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc14:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc15:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc15:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc16:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc16:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc17:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc17:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc18:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc18:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc19:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc19:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc20:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc20:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc21:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc21:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc22:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc22:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc23:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc23:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc24:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc24:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc25:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc25:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc26:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc26:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc27:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc27:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc28:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:1.0.rc28:*:*:*:*:*:*:*

CVSS

Base:	4.3 (as of 16-10-2018 - 16:42)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:N/A:N

oval via4

accepted

2013-04-29T04:10:34.145-04:00

class

vulnerability

contributors

name Aharon Chernin
organization SCAP.com, LLC
name Dragos Prisaca
organization G2, Inc.

definition_extensions

comment The operating system installed on the system is Red Hat Enterprise Linux 5
oval oval:org.mitre.oval:def:11414
comment The operating system installed on the system is CentOS Linux 5.x
oval oval:org.mitre.oval:def:15802
comment Oracle Linux 5.x
oval oval:org.mitre.oval:def:15459

description

family

unix

oval:org.mitre.oval:def:10995

status

accepted

submitted

2010-07-09T03:56:16-04:00

title

version

redhat via4

advisories

rhsa

id	RHSA-2008:0297

rpms

dovecot-0:1.0.7-2.el5
dovecot-debuginfo-0:1.0.7-2.el5

refmap via4

bid	23552
bugtraq	20070418 rPSA-2007-0074-1 dovecot
confirm	http://dovecot.org/doc/NEWS
debian	DSA-1359
mlist	[dovecot-cvs] 20070330 dovecot/src/lib-storage/index/mbox mbox-storage.c, 1.145.2.14, 1.145.2.15 [dovecot-news] 20070330 Security hole #3: zlib plugin allows opening any gziped mboxes
secunia	25072 30342
suse	SUSE-SR:2007:008
ubuntu	USN-487-1
vupen	ADV-2007-1452
xf	dovecot-mboxstorage-directory-traversal(34082)

statements via4

contributor	Joshua Bressers
lastmodified	2008-05-21
organization	Red Hat
statement	This issue did not affect Red Hat Enterprise Linux prior to version 5. An update to Red Hat Enterprise Linux 5 was released to correct this issue: https://rhn.redhat.com/errata/RHSA-2008-0297.html

Last major update

16-10-2018 - 16:42

Published

25-04-2007 - 15:19

Last modified

16-10-2018 - 16:42